fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a

Analysis

max time kernel
141s
max time network
114s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
20-05-2024 06:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe
Size

2.1MB
MD5

4e0d52ea1e2661b55e0f283aac216d4a
SHA1

8c8dfe06a5e913668259c2e8a34547dc16150ddb
SHA256

fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a
SHA512

61892c8fc142aec2f599bfee1e41a6331429b5321fc06a1b824aa6a101411b68dd4409c7132cddcdf813943096b794e897945949ce28eda56d1d8f185fad0845
SSDEEP

24576:hw7JExrHGRZCRZRTa7asHTcOcMp9tG+r2r4cX9ByEbMEGwdlzP9svYCG3P:hILbJ7asHQMpKIA3QOpVslC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 23 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/2308-30-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-43-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-41-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-39-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-37-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-35-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-33-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-31-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-27-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-25-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-23-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-21-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-19-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-17-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-15-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-13-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-9-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-7-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-4-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-45-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-11-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-5-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/2308-3-0x0000000010000000-0x000000001003E000-memory.dmp	upx

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2308	fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe

Suspicious use of FindShellTrayWindow 3 IoCs

pid	Process
2308	fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe
2308	fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe
2308	fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
2308	fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe
2308	fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe
2308	fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2308	fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe
2308	fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe
2308	fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe

C:\Users\Admin\AppData\Local\Temp\fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe
"C:\Users\Admin\AppData\Local\Temp\fada5933a3fbb7ab860bfb1f8cd63230704f99fed44848264ef34e9f11e7973a.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2308

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2308-0-0x0000000000D10000-0x0000000000D73000-memory.dmp

Filesize
396KB

Download
memory/2308-2-0x0000000000401000-0x0000000000402000-memory.dmp

Filesize
4KB

Download
memory/2308-30-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-43-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-47-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download
memory/2308-48-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download
memory/2308-46-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download
memory/2308-50-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download
memory/2308-49-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download
memory/2308-51-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download
memory/2308-41-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-52-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download
memory/2308-53-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download
memory/2308-39-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-37-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-35-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-33-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-31-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-27-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-25-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-23-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-21-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-19-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-17-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-15-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-13-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-9-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-7-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-4-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-45-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-11-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-5-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-3-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2308-1-0x0000000000D10000-0x0000000000D73000-memory.dmp

Filesize
396KB

Download
memory/2308-54-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download
memory/2308-55-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download
memory/2308-56-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download
memory/2308-57-0x0000000000D10000-0x0000000000D73000-memory.dmp

Filesize
396KB

Download
memory/2308-58-0x0000000000400000-0x0000000000673000-memory.dmp

Filesize
2.4MB

Download