Overview

overview

7

Static

static

3

bosskey22.0.0.3.exe

windows7-x64

7

bosskey22.0.0.3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-03-2024 02:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bosskey22.0.0.3.exe

  • Size

    401KB

  • MD5

    ab0ca43773fce4df39e994d4e51d28e0

  • SHA1

    2b6417d729bbd9641714950595fc061d8acf5885

  • SHA256

    0f9cf011f1f4d66c0f8b38b39e1186ac23135aaf650e70b3a75d882929b1dfa5

  • SHA512

    51adecda2257590b108b0c5f78d7ad0f20687ee82bf74f77083171838c332e3a34ed694494f8896307b5d5643fca6519ce66fc32ad242eabeeca95a70449ebcc

  • SSDEEP

    6144:Kqc6lXgnhjlhdOc5nyOmlv00UQAngefBPolejmPLZ8sz+7Ij2EPL/rqxxsTZqeFs:et8HPAgefBvjmjZ806424TrCxsqXd

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 10 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bosskey22.0.0.3.exe
    "C:\Users\Admin\AppData\Local\Temp\bosskey22.0.0.3.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2468

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\softconfig.ini
    Filesize

    172B

    MD5

    e81b81c7904aff49e25b9a6e959af9fa

    SHA1

    52244be7620c0e87bdfd9fcd49af2b2696f14544

    SHA256

    ed99deba0dc3f3ee2f1570310f7790d315212e84565cb5ec068e7d2bde8645d4

    SHA512

    ce590ed0b13b0d4261c0d7f1a06e7356bbe6477f27d1f1a235caeb2cadacaffc56f202b48ec96ffecef4abc0a7480f192d82cdc36a465d28ea65ad1496454a68

    Download Submit

  • memory/2468-0-0x0000000010000000-0x0000000010093000-memory.dmp

    Filesize

    588KB

    Download

  • memory/2468-4-0x0000000010000000-0x0000000010093000-memory.dmp

    Filesize

    588KB

    Download

  • memory/2468-5-0x0000000010000000-0x0000000010093000-memory.dmp

    Filesize

    588KB

    Download

  • memory/2468-6-0x0000000010000000-0x0000000010093000-memory.dmp

    Filesize

    588KB

    Download

  • memory/2468-25-0x0000000010000000-0x0000000010093000-memory.dmp

    Filesize

    588KB

    Download

  • memory/2468-26-0x0000000010000000-0x0000000010093000-memory.dmp

    Filesize

    588KB

    Download

  • memory/2468-27-0x0000000010000000-0x0000000010093000-memory.dmp

    Filesize

    588KB

    Download

  • memory/2468-29-0x0000000010000000-0x0000000010093000-memory.dmp

    Filesize

    588KB

    Download

  • memory/2468-32-0x0000000010000000-0x0000000010093000-memory.dmp

    Filesize

    588KB

    Download

  • memory/2468-35-0x0000000010000000-0x0000000010093000-memory.dmp

    Filesize

    588KB

    Download