Overview

overview

7

Static

static

7

f980878789...5a.exe

windows7-x64

7

f980878789...5a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/05/2024, 18:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f980878789f8e2810fcb00ba1de1d7f08795ae1aee9edaf0a9e04a941f9b0e5a.exe

  • Size

    604KB

  • MD5

    d7dc86384a776681209eb66d71deebcb

  • SHA1

    22b15744e35ff982049d83a962caa14230afe81c

  • SHA256

    f980878789f8e2810fcb00ba1de1d7f08795ae1aee9edaf0a9e04a941f9b0e5a

  • SHA512

    e4f83f8a9cccf59ee9a5e2c739d0a6c83ffba4e90d1ea2c7d5d56df2abd790a2c0a851f90c5b9cab95a3be3143ac58036d05ab26de0a0929ef3159c6c685c679

  • SSDEEP

    12288:qBAsu/1OsCzbT7YebtN2rMFpouF0/DD0:3MzEgNPFpoz/0

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 5 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f980878789f8e2810fcb00ba1de1d7f08795ae1aee9edaf0a9e04a941f9b0e5a.exe
    "C:\Users\Admin\AppData\Local\Temp\f980878789f8e2810fcb00ba1de1d7f08795ae1aee9edaf0a9e04a941f9b0e5a.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2792
    • C:\Program Files\footprint\require.exe
      "C:\Program Files\footprint\require.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\footprint\require.exe
    Filesize

    604KB

    MD5

    a18a6cd5c2b2ec86ff31071c3a3c2a6e

    SHA1

    d73d1a24101f97cce5cbe0d294f7e5cadbf1e866

    SHA256

    7d0a2c86f1e1ac34b0023e2f9f4624c03d111e9dc296e7fe3a70f5161670d9b8

    SHA512

    772a94bba4fecb65dac901af2cf811fefaaaf3b5d0bf0336cc6440abdf133d6f032b9dd68af356282d40a40aa4af12d50f2b62317c5570ba4f5fe2875ec5fcfc

    Download Submit

  • memory/228-5-0x0000000000400000-0x0000000000581000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/228-7-0x0000000000400000-0x0000000000581000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/2792-0-0x0000000000400000-0x0000000000581000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/2792-6-0x0000000000400000-0x0000000000581000-memory.dmp

    Filesize

    1.5MB

    Download