Overview

overview

7

Static

static

3

652acc131b...80.exe

windows7-x64

7

652acc131b...80.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/05/2024, 00:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    652acc131b1b7d9d152967f329aa719ffe145f258cff7433ff0ef7ec3bed5b80.exe

  • Size

    71KB

  • MD5

    6a8d72a2daae6deb5257c427edd03172

  • SHA1

    883fbfea964e489bcea9c89c5b644653cc16fe75

  • SHA256

    652acc131b1b7d9d152967f329aa719ffe145f258cff7433ff0ef7ec3bed5b80

  • SHA512

    c5cdfe931909ab1f9624a0ce00a911ae438a4dbc2e8fb0afc5719a26e497d3598034a742b3b4e6ab456dc744481ac3399d57cb2bbe3c94b6d7950eb621341015

  • SSDEEP

    1536:1YF8NLCofRLCg/pdsHT+obdo8Cgzvl4ooofgke253hb:uF+LCofRLCgxSzXo8CgpIo53hb

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\652acc131b1b7d9d152967f329aa719ffe145f258cff7433ff0ef7ec3bed5b80.exe
    "C:\Users\Admin\AppData\Local\Temp\652acc131b1b7d9d152967f329aa719ffe145f258cff7433ff0ef7ec3bed5b80.exe"
    1⤵
    • Drops file in System32 directory
    PID:948
    • C:\Windows\SysWOW64\ugleaseh.exe
      "C:\Windows\SysWOW64\ugleaseh.exe"
      2⤵
      • Executes dropped EXE
      PID:1536

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\ugleaseh.exe
    Filesize

    68KB

    MD5

    8473bfbdfd96a88425e82cb3ac3b4630

    SHA1

    6c64cb0127a86cdce2efcdfb85f234c3b8129874

    SHA256

    cea7d4b9bfd0bb2afd463cde6e12c1b836414149452722b0bafeb1203431b510

    SHA512

    e66ae08c4e406fa132edce9cd570ec0813f8792478f59d362c793055a417208b74955d9d4a15b053896cf81754c2b7e3047baea1fd62878d816d849679b49613

    Download Submit

  • memory/948-1-0x0000000077E42000-0x0000000077E43000-memory.dmp

    Filesize

    4KB

    Download

  • memory/948-4-0x0000000000400000-0x0000000000403000-memory.dmp

    Filesize

    12KB

    Download