af833e2ce9c9b2393721c2ccf58ea15188ed00462ccbad4a11144ece3e4eefd1

General

Target

af833e2ce9c9b2393721c2ccf58ea15188ed00462ccbad4a11144ece3e4eefd1.exe
Size

2.9MB
MD5

d50cb6964b23a0dba137d5f7d1c48390
SHA1

7524e59a351181de741e07bfd88ce4facb72b9f2
SHA256

af833e2ce9c9b2393721c2ccf58ea15188ed00462ccbad4a11144ece3e4eefd1
SHA512

039f7938bc60e67f435664aab009f38326ced2c959365ba494c8b67dfe46cf9102d6906129bbb4445163cdb39a76bb491c94f07275c54a63d5a96ad86906d872
SSDEEP

49152:mYkScvP3ZvP4su+vmSSjlSjSOBH4Wp39kIMSrRvnJAtcn5Gt4:dkS8Ppn4s/OSSj0jraKkrqRvnjGt

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 25 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/3704-1-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-2-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-3-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-5-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-7-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-10-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-12-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-14-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-16-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-18-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-20-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-22-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-24-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-27-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-29-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-31-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-33-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-36-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-38-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-40-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-43-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-45-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-48-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-49-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/3704-50-0x0000000010000000-0x000000001003E000-memory.dmp	upx

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3704	af833e2ce9c9b2393721c2ccf58ea15188ed00462ccbad4a11144ece3e4eefd1.exe
3704	af833e2ce9c9b2393721c2ccf58ea15188ed00462ccbad4a11144ece3e4eefd1.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
3704	af833e2ce9c9b2393721c2ccf58ea15188ed00462ccbad4a11144ece3e4eefd1.exe
3704	af833e2ce9c9b2393721c2ccf58ea15188ed00462ccbad4a11144ece3e4eefd1.exe
3704	af833e2ce9c9b2393721c2ccf58ea15188ed00462ccbad4a11144ece3e4eefd1.exe

C:\Users\Admin\AppData\Local\Temp\af833e2ce9c9b2393721c2ccf58ea15188ed00462ccbad4a11144ece3e4eefd1.exe
"C:\Users\Admin\AppData\Local\Temp\af833e2ce9c9b2393721c2ccf58ea15188ed00462ccbad4a11144ece3e4eefd1.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:3704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3704-1-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-2-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-3-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-5-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-7-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-10-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-12-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-14-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-16-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-18-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-20-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-22-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-24-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-27-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-29-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-31-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-33-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-36-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-38-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-40-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-43-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-45-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-48-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-49-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/3704-50-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download

Analysis

Sharing