Overview

overview

10

Static

static

10

15bc022e2c...10.exe

windows7-x64

9

15bc022e2c...10.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    134s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 18:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    15bc022e2c28490351e77eec7ead91ed8f204809e29d674b9a31e6f87f838210.exe

  • Size

    8.6MB

  • MD5

    ccce822710604eadb996f6fc20f73a13

  • SHA1

    8a101244130b445d76df89705ab8d7f3eb37fa03

  • SHA256

    15bc022e2c28490351e77eec7ead91ed8f204809e29d674b9a31e6f87f838210

  • SHA512

    40f7a3b3f50bad321ef6596c850ab196da8d2aea8fc3520a6517212f9faeb2068b5a6d9e6cd938e5e4d1c07ea39db1f7fcfc53c4fadc3cc20035c2e4fa52abb0

  • SSDEEP

    196608:l+IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII2:l3

Score
9/10
upx

Malware Config

Signatures

  • UPX dump on OEP (original entry point) 2 IoCs
  • Executes dropped EXE 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\15bc022e2c28490351e77eec7ead91ed8f204809e29d674b9a31e6f87f838210.exe
    "C:\Users\Admin\AppData\Local\Temp\15bc022e2c28490351e77eec7ead91ed8f204809e29d674b9a31e6f87f838210.exe"
    1⤵
    • Drops file in System32 directory
    PID:1536
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:3288

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\svrwsc.exe
    Filesize

    9.1MB

    MD5

    d6075ebca7ecd387d1ac66f7b8ee5a2a

    SHA1

    c180a1395f4fda41400500e86ec8c0a9fd403fe2

    SHA256

    2f58b899e2dc8950f14dc8e5972913b3264ad4a3f15efbfa1b4f9135ca759516

    SHA512

    38db1b996216b0b0a3b6a65849b7692d2f8cc7fdf5e18e953c527911573be3aed671abb7394507871ee2feeb5a62f39ed183b4afb3173212ab477aae451e14f4

    Download Submit

  • memory/1536-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/1536-1-0x00000000007A0000-0x00000000007A5000-memory.dmp

    Filesize

    20KB

    Download

  • memory/1536-3-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/1536-9-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/3288-7-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download