Overview

overview

7

Static

static

3

a1885ee08d...51.exe

windows7-x64

7

a1885ee08d...51.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-03-2024 00:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a1885ee08d2a505b4165465ae22a3672fdb435611afa8bf212c0d865732f4951.exe

  • Size

    1.8MB

  • MD5

    8d6c8f878e649648860735f7205dce3b

  • SHA1

    cf6830d74809aef8b5d5a0f2a9437d7149e0b089

  • SHA256

    a1885ee08d2a505b4165465ae22a3672fdb435611afa8bf212c0d865732f4951

  • SHA512

    5f0cedaa19562a463678391b87a164f1669d03386565b176e35c447a26d66de8ec629016b43322f706de8e616a58e3e5fd645e7fc766b336cffaf9602a96c7e2

  • SSDEEP

    24576:ee69d2NDoICjJr2GJij0/El1ncHExYCr7sSaem2DgI3DbJwd9o0TJn6z1jCzN+X:eeNsF29lVSCBafvTJn6zRQsX

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a1885ee08d2a505b4165465ae22a3672fdb435611afa8bf212c0d865732f4951.exe
    "C:\Users\Admin\AppData\Local\Temp\a1885ee08d2a505b4165465ae22a3672fdb435611afa8bf212c0d865732f4951.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:3000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\apm4D07.tmp
    Filesize

    148KB

    MD5

    10a2f663fdc511fd52bfcfd0a8837549

    SHA1

    e3669af6eeb82c20b10245caa4974cb727b52bf0

    SHA256

    bd5f2e4ac7c2bea616fa60a50698b0d6d46a9456c08392a5c62c340d6f738eeb

    SHA512

    7e54bcce8f6813873db102f010431ad1ba83d554e9c368c598d428a1b8e6bc10f3622e559c0daa9d5b1740aa6fc08a5d97bc3f23217035b929a64b0399ce9830

    Download Submit

  • memory/3000-0-0x00000000024E0000-0x00000000024E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3000-5-0x0000000010000000-0x0000000010081000-memory.dmp

    Filesize

    516KB

    Download

  • memory/3000-6-0x0000000000400000-0x000000000060E000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/3000-10-0x00000000024E0000-0x00000000024E1000-memory.dmp

    Filesize

    4KB

    Download