Analysis
-
max time kernel
118s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
-
submitted
23-05-2024 01:47
General
-
Target
ace9c19902c5ad19cc708bac4a2c053bc14fab24b242bed75e4d34f54025d428.exe
-
Size
9.0MB
-
MD5
f05539fe6ad5550bee91d16887cb4aba
-
SHA1
59facc5b81df461d4ede5606869e370034aef62c
-
SHA256
ace9c19902c5ad19cc708bac4a2c053bc14fab24b242bed75e4d34f54025d428
-
SHA512
32a6c0cdbcc46017f2c9acc45b0fe44b87840a34ed3c9800fab768b2512cbdbafe76c2fcb6e4b69e2037f85cfd51ec4b83b19539d88aadb45679c6f75bef1321
-
SSDEEP
196608:jxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxQ:a
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 2 IoCs
-
Executes dropped EXE 1 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\ace9c19902c5ad19cc708bac4a2c053bc14fab24b242bed75e4d34f54025d428.exe"C:\Users\Admin\AppData\Local\Temp\ace9c19902c5ad19cc708bac4a2c053bc14fab24b242bed75e4d34f54025d428.exe"1⤵
- Drops file in System32 directory
-
C:\Windows\SysWOW64\svrwsc.exeC:\Windows\SysWOW64\svrwsc.exe1⤵
- Executes dropped EXE
- Drops file in System32 directory
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Windows\SysWOW64\svrwsc.exeFilesize
9.2MB
MD54320ba95c8c54e64b8fcef99676078df
SHA103494a075bb6633c9345d964b6f971892289b119
SHA256fb4cd8b674b36aac72e68a9187baa7320c5f24d5cceb34b5f23710d40c9f27d8
SHA512ef60694b6df0ec3a23d5718c737f116d04c7fc9a72b2cb4c5001eb519ffdafcf63497863b7cb46e800b4893c41e771adb86323997679f9d48e14f4f7aeb87363
-
memory/2968-0-0x0000000000400000-0x000000000042B000-memory.dmpFilesize
172KB
-
memory/2968-2-0x0000000000400000-0x000000000042B000-memory.dmpFilesize
172KB
-
memory/2968-1-0x00000000003B0000-0x00000000003B5000-memory.dmpFilesize
20KB
-
memory/2968-8-0x0000000000400000-0x000000000042B000-memory.dmpFilesize
172KB
-
memory/3016-6-0x0000000000400000-0x000000000042B000-memory.dmpFilesize
172KB