e6564b70fa3d9a9e989ad7c1bb2b027f2e5447273c0bb64f84c7940828ecb0ed

Submit
Reports

Overview

overview

Static

static

05b48b2909...29.exe

windows10-2004-x64

143e14de3a...c5.exe

windows10-2004-x64

2c899ff55c...31.exe

windows10-2004-x64

2e0a9b6a39...9b.exe

windows10-2004-x64

4250b0250d...ee.exe

windows10-2004-x64

464a716862...38.exe

windows10-2004-x64

4d09936a4a...bf.exe

windows10-2004-x64

59c1607382...01.exe

windows10-2004-x64

61f1416a77...2b.exe

windows10-2004-x64

68ca177d42...f8.exe

windows7-x64

68ca177d42...f8.exe

windows10-2004-x64

6ba0db3b66...b3.exe

windows10-2004-x64

8b549a8688...5b.exe

windows10-2004-x64

a8dffd83e4...8a.exe

windows10-2004-x64

b6b53c7022...c9.exe

windows10-2004-x64

ccc5c313f4...94.exe

windows10-2004-x64

e04ecd64b5...1b.exe

windows7-x64

e04ecd64b5...1b.exe

windows10-2004-x64

e38bd93e74...28.exe

windows7-x64

e38bd93e74...28.exe

windows10-2004-x64

eab14d8dad...38.exe

windows10-2004-x64

f943251c5b...1b.exe

windows10-2004-x64

fb49b50c0d...90.exe

windows7-x64

fb49b50c0d...90.exe

windows10-2004-x64

Analysis

max time kernel
120s
max time network
127s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 13:23 UTC

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

2 signatures

Behavioral task

behavioral1

Sample

05b48b2909386e117184a0bdde8c6718992cf21d07674042c9d076292b260729.exe

Resource

win10v2004-20240426-en

amadey healer redline smokeloader news backdoor dropper evasion infostealer persistence trojan

windows10-2004-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

143e14de3ab20f2359132907b991db6a76d0d521ba132b83a736d149619409c5.exe

Resource

win10v2004-20240508-en

amadey healer redline krast dropper evasion infostealer persistence trojan

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral3

Sample

2c899ff55cbbdd4c5b9be75b0893daed295266b8392bd0365eb55f6acf67f731.exe

Resource

win10v2004-20240508-en

healer redline dumud dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral4

Sample

2e0a9b6a39ce81b93beb155ac3c237f4a6b9248d6b872ed22bfdf8851796b19b.exe

Resource

win10v2004-20240426-en

healer redline lamp dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral5

Sample

4250b0250d540350db8a017ad70a9992b46d70a0d5ab9438c3c0597af56f27ee.exe

Resource

win10v2004-20240508-en

amadey healer redline lande dropper evasion infostealer persistence trojan

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral6

Sample

464a7168620633d6f4e27494eec6c1cedff2ae39e5ffda7f9913f43efd93bd38.exe

Resource

win10v2004-20240426-en

healer redline mihan dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral7

Sample

4d09936a4a5e882005320c53757dc18469109b9f86d4b6003bb674e1658b0dbf.exe

Resource

win10v2004-20240426-en

healer redline lamp dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral8

Sample

59c1607382fbf89bf1ce30ceb0a4e1724a81c2e855e91e5f12e07c396e822a01.exe

Resource

win10v2004-20240226-en

amadey healer redline nasa dropper evasion infostealer persistence trojan

windows10-2004-x64

16 signatures

150 seconds

Behavioral task

behavioral9

Sample

61f1416a771544600c2eb0122b2860693273306c4f450b6c7dc5af2a07a52b2b.exe

Resource

win10v2004-20240426-en

healer redline masha dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral10

Sample

68ca177d42ab79022ede5d703f2f3b4e3de42fc1ae56a531b50f66f3339721f8.exe

Resource

win7-20240221-en

upx

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

68ca177d42ab79022ede5d703f2f3b4e3de42fc1ae56a531b50f66f3339721f8.exe

Resource

win10v2004-20240508-en

upx

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

6ba0db3b66f5f3df269e1eb1b3241575d1ec8d58b19767274aae0af44946bbb3.exe

Resource

win10v2004-20240426-en

amadey healer redline smokeloader nasa backdoor dropper evasion infostealer persistence trojan

windows10-2004-x64

17 signatures

150 seconds

Behavioral task

behavioral13

Sample

8b549a868852eb291819180cd971dd7b163003efa16b8efacf685d2d5f879a5b.exe

Resource

win10v2004-20240426-en

amadey healer redline nasa dropper evasion infostealer persistence trojan

windows10-2004-x64

16 signatures

150 seconds

Behavioral task

behavioral14

Sample

a8dffd83e4ed96b525aa095a5fdbe826aa6409b97419dc8c1ab463bac16a438a.exe

Resource

win10v2004-20240508-en

persistence

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral15

Sample

b6b53c7022ec83f58037dc5fee6d8a5dd71ff675b2851d1ebdaac02d608ebac9.exe

Resource

win10v2004-20240508-en

healer redline lamp dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral16

Sample

ccc5c313f416465ffc57b4343c6e512d0568f618620aaa7b258b5d5721aaf394.exe

Resource

win10v2004-20240508-en

healer redline nasa dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral17

Sample

e04ecd64b5614cc4103cdde760de6180002d85792ec28fa0beb64b385bf3f11b.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

e04ecd64b5614cc4103cdde760de6180002d85792ec28fa0beb64b385bf3f11b.exe

Resource

win10v2004-20240508-en

rhadamanthys stealer

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral19

Sample

e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe

Resource

win10v2004-20240426-en

redline zgrat discovery infostealer rat spyware stealer

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral21

Sample

eab14d8dada2d5205db79e415c61561de2646a3a67f4615bfffa2f0c272f8738.exe

Resource

win10v2004-20240508-en

healer redline dumud dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral22

Sample

f943251c5b3ff162faabeb09676429800f82298b7971cbfb3dee652de07b391b.exe

Resource

win10v2004-20240226-en

amadey healer redline lande dropper evasion infostealer persistence trojan

windows10-2004-x64

16 signatures

150 seconds

Behavioral task

behavioral23

Sample

fb49b50c0d470063e9548552158ebf5137ca285f8cf0ccfe1a2ef2d44bbb4390.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

fb49b50c0d470063e9548552158ebf5137ca285f8cf0ccfe1a2ef2d44bbb4390.exe

Resource

win10v2004-20240426-en

redline 7001210066 discovery infostealer

windows10-2004-x64

8 signatures

150 seconds

Report Analysis Logs

General

Target

68ca177d42ab79022ede5d703f2f3b4e3de42fc1ae56a531b50f66f3339721f8.exe
Size

2.6MB
MD5

2f7129366c456459ebadc1dd90c439f2
SHA1

9ea7a9df8898f50dbeac35a8f2f20b43644fb1fa
SHA256

68ca177d42ab79022ede5d703f2f3b4e3de42fc1ae56a531b50f66f3339721f8
SHA512

32abc0a370d950b619a7ebb13bb2b497a318ff0043345a5523598465d8a8bf7000d2d5b52e1cac62df6fd21ba143b1df43ff0b392a8c39e8df7e49d5982ae294
SSDEEP

49152:zKC9Pmf3aSVILfYuExL71E7gLkPjDv5DIuZ4/vR55kmjCoyfR5L:zP2JeYPOPjlDxIr5Oo6V

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral10/memory/856-1-0x000000013FFF0000-0x0000000140B69000-memory.dmp	upx
behavioral10/memory/856-0-0x000000013FFF0000-0x0000000140B69000-memory.dmp	upx

Processes

C:\Users\Admin\AppData\Local\Temp\68ca177d42ab79022ede5d703f2f3b4e3de42fc1ae56a531b50f66f3339721f8.exe
"C:\Users\Admin\AppData\Local\Temp\68ca177d42ab79022ede5d703f2f3b4e3de42fc1ae56a531b50f66f3339721f8.exe"
1⤵
PID:856

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/856-1-0x000000013FFF0000-0x0000000140B69000-memory.dmp

Filesize
11.5MB

Download
memory/856-0-0x000000013FFF0000-0x0000000140B69000-memory.dmp

Filesize
11.5MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.