Overview

overview

10

Static

static

10

ace9c19902...28.exe

windows7-x64

9

ace9c19902...28.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    23-05-2024 01:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ace9c19902c5ad19cc708bac4a2c053bc14fab24b242bed75e4d34f54025d428.exe

  • Size

    9.0MB

  • MD5

    f05539fe6ad5550bee91d16887cb4aba

  • SHA1

    59facc5b81df461d4ede5606869e370034aef62c

  • SHA256

    ace9c19902c5ad19cc708bac4a2c053bc14fab24b242bed75e4d34f54025d428

  • SHA512

    32a6c0cdbcc46017f2c9acc45b0fe44b87840a34ed3c9800fab768b2512cbdbafe76c2fcb6e4b69e2037f85cfd51ec4b83b19539d88aadb45679c6f75bef1321

  • SSDEEP

    196608:jxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxQ:a

Score
9/10
upx

Malware Config

Signatures

  • UPX dump on OEP (original entry point) 2 IoCs
  • Executes dropped EXE 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ace9c19902c5ad19cc708bac4a2c053bc14fab24b242bed75e4d34f54025d428.exe
    "C:\Users\Admin\AppData\Local\Temp\ace9c19902c5ad19cc708bac4a2c053bc14fab24b242bed75e4d34f54025d428.exe"
    1⤵
    • Drops file in System32 directory
    PID:2968
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:3016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\svrwsc.exe
    Filesize

    9.2MB

    MD5

    4320ba95c8c54e64b8fcef99676078df

    SHA1

    03494a075bb6633c9345d964b6f971892289b119

    SHA256

    fb4cd8b674b36aac72e68a9187baa7320c5f24d5cceb34b5f23710d40c9f27d8

    SHA512

    ef60694b6df0ec3a23d5718c737f116d04c7fc9a72b2cb4c5001eb519ffdafcf63497863b7cb46e800b4893c41e771adb86323997679f9d48e14f4f7aeb87363

    Download Submit

  • memory/2968-0-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2968-2-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2968-1-0x00000000003B0000-0x00000000003B5000-memory.dmp

    Filesize

    20KB

    Download

  • memory/2968-8-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/3016-6-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download