Overview

overview

7

Static

static

7

549fcdd493...e4.exe

windows7-x64

7

549fcdd493...e4.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 21:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    549fcdd493b68105b4f992a78c9949fee3a519b1e6cd2dd1a098ba7eb61641e4.exe

  • Size

    9.2MB

  • MD5

    c0774f59fba4635cb9a8defff7af48a9

  • SHA1

    e8133d8cfb7914b341da444327e795216f27c42d

  • SHA256

    549fcdd493b68105b4f992a78c9949fee3a519b1e6cd2dd1a098ba7eb61641e4

  • SHA512

    12a77d2029da72b72a63ca3a7f1a1a36096fd8b5d673080be098bd3eddff186cc04987fb01abfe50a71401bd6cd2723115494e6c15920e14eb3204983b638687

  • SSDEEP

    196608:kj2R7czUEDSzimFkOD7lf1hfrm4hNYAZuDA2nRjgowZSNxhDkD0hDOn:kjXczX5D/Ph3cZRcsRCoDw

Score
7/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\549fcdd493b68105b4f992a78c9949fee3a519b1e6cd2dd1a098ba7eb61641e4.exe
    "C:\Users\Admin\AppData\Local\Temp\549fcdd493b68105b4f992a78c9949fee3a519b1e6cd2dd1a098ba7eb61641e4.exe"
    1⤵
      PID:3224

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\MeldaProduction\SystemFonts.cache
      Filesize

      171B

      MD5

      34692d3a874d133c1100d56d581a81e4

      SHA1

      b12a83660e27ecd766112bd691a306b1a7114f33

      SHA256

      d5ac4a68b0dadb211ed1cc4b2a180737078a6843a5cda74208bbe232916a4b5c

      SHA512

      73dc6cc86258adb36e27e4e07e0ae8e75b3d162daea68033c1c4c25f1734869dcfa8d97cc49ea3633743efbfaa217b270646d2c476b76f418fc2bfe684744a7a

      Download Submit

    • memory/3224-0-0x0000000000E60000-0x00000000014A8000-memory.dmp

      Filesize

      6.3MB

      Download

    • memory/3224-15-0x0000000000E60000-0x00000000014A8000-memory.dmp

      Filesize

      6.3MB

      Download