Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    01/06/2024, 04:26

General

  • Target

    e30b9228c7957082cd02f0f11098cf48f7d77bc42374198e3013d8f73bc30b80.exe

  • Size

    79KB

  • MD5

    4967fa17bef4f4781e8800fedb39bcf5

  • SHA1

    31776d5c5511adba0169056bcdbb36d4fcfbe1df

  • SHA256

    e30b9228c7957082cd02f0f11098cf48f7d77bc42374198e3013d8f73bc30b80

  • SHA512

    9b185bcff679169f182e46c33c02ec86dd26f7bb0370a462b1aeef5b70dcb590f9c47ef734b8997fdaa67ec628e02a0723340c5952cb92ef4ec8a6f42b66414f

  • SSDEEP

    1536:y4QQ6NSyM61l19piO+LV8YEoI/EU9RUe4mUK9VO3PA4KFTZ8m6Qkc:y4X6NSyfnpijeYEoIcq4pKyf9KFdD6QB

Score
7/10

Malware Config

Signatures

  • UPX packed file (3 IoCs)

    Detects executables packed with UPX/modified UPX open source packer.

  • Adds Run key to start application (2 TTPs, 1 IoC)
  • Drops file in System32 directory (27 IoCs)
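The "UPX packed file" signature above fires on section names and markers left by the packer; the memory dumps further down (0x400000-0x464000, i.e. 400KB for a 79KB file) show the expansion that a packer explains. The following is an added example written for this page, not the sandbox's own rule: a minimal PE section-table parser with three UPX heuristics, run on two constructed header-only PE samples (not the report's files). Section names, sizes and the `build_minimal_pe` helper are assumptions for illustration.

```python
import struct

# Section names written by stock UPX. "Modified UPX" builds often rename them,
# so the name check is only one of the three signals below.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX!"}
UPX_MARKER = b"UPX!"  # magic of the packer header UPX writes after its stub


def pe_sections(data):
    """Parse a PE section table into (name, virtual_size, raw_size) tuples."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4  # IMAGE_FILE_HEADER, 20 bytes
    if coff + 20 > len(data):
        raise ValueError("COFF header truncated")
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size  # section headers follow the optional header
    sections = []
    for i in range(num_sections):
        off = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            raise ValueError("section table truncated")
        name, vsize, _va, rsize = struct.unpack_from("<8sIII", data, off)
        sections.append((name.rstrip(b"\0"), vsize, rsize))
    return sections


def upx_indicators(data):
    """Return the reasons the file looks UPX-packed (empty list if none)."""
    sections = pe_sections(data)
    names = [s[0] for s in sections]
    reasons = []
    if any(n in UPX_SECTION_NAMES for n in names):
        reasons.append("UPX section names: " + ", ".join(n.decode("latin-1") for n in names))
    if UPX_MARKER in data:
        reasons.append("UPX! packer header present")
    # Stock UPX leaves the first section with zero raw data: the unpacked image
    # exists only in memory, which is why a small file maps to a large region.
    if sections and sections[0][2] == 0 and sections[0][1] > 0:
        reasons.append("first section has no raw data but %d bytes virtual" % sections[0][1])
    return reasons


def build_minimal_pe(sections):
    """Construct a header-only PE (no optional header, no section data) for testing.
    Assumption for illustration: real PE32 files carry a 224-byte optional header."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew -> NT headers at 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0x0102)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), vsize, 0x1000,
                    rsize, 0x200, 0, 0, 0, 0, 0x60000020)
        for name, vsize, rsize in sections
    )
    return bytes(dos) + b"PE\0\0" + coff + table


# Constructed samples, not the report's files: one shaped like stock UPX output
# (UPX0 with zero raw size, packer magic trailing the headers), one like a
# normal compiler build.
SAMPLE_PACKED = build_minimal_pe([(b"UPX0", 0x5B000, 0), (b"UPX1", 0x13000, 0x12E00),
                                  (b".rsrc", 0x1000, 0x400)]) + UPX_MARKER
SAMPLE_CLEAN = build_minimal_pe([(b".text", 0x8000, 0x8000), (b".rdata", 0x2000, 0x2000),
                                 (b".data", 0x1000, 0x400)])

if __name__ == "__main__":
    for label, blob in (("packed", SAMPLE_PACKED), ("clean", SAMPLE_CLEAN)):
        print(label, upx_indicators(blob) or "no UPX indicators")
```

The three checks are deliberately independent: a renamed-section build defeats the first, a stripped magic defeats the second, but a zero-raw-size first section is structural and survives most cosmetic modifications. Run it over a real file with `upx_indicators(open(path, "rb").read())`.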

Processes

  • C:\Users\Admin\AppData\Local\Temp\e30b9228c7957082cd02f0f11098cf48f7d77bc42374198e3013d8f73bc30b80.exe
    "C:\Users\Admin\AppData\Local\Temp\e30b9228c7957082cd02f0f11098cf48f7d77bc42374198e3013d8f73bc30b80.exe"
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:880

Network


        Downloads

        • C:\Windows\SysWOW64\macromd\hot girl on the beach sucking cock and fucking guy.mpg.exe

          Filesize

          87KB

          MD5

          f58d57768f679725516d8e4b5d175b33

          SHA1

          bb17ab2f8a4aec160e30043636b08f9a5ba5cb4e

          SHA256

          ff4503dee5e5bc853d6ae5102f49e35deaeb25840530933d3850ef28ae866f5d

          SHA512

          e9b16d7c5714c13b15b9d3f019079910acfaceda78f377c6892a8038e552e89e8d7bc478b6c4a170d9e201a592131e5bb1aea496bf8e0102ee6a676804ccfb00

        • memory/880-0-0x0000000000400000-0x0000000000464000-memory.dmp

          Filesize

          400KB

        • memory/880-28-0x0000000000400000-0x0000000000464000-memory.dmp

          Filesize

          400KB
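The two host-side behaviours recorded above, a Run key for persistence and a double-extension executable dropped into a new `SysWOW64\macromd` directory, are the artifacts a responder would sweep other machines for. The following is an added example written for this page, not a tool from the report: it matches a file inventory against the report's SHA256 IoCs, flags the staging pattern, and parses Run values out of a `.reg` export. The export lines, the inventory, the value name `macromd` and the stand-in filename `video.mpg.exe` are constructed for illustration; the report does not state what the Run value contains, so its pointing at the dropped file is an assumption.

```python
import re
from pathlib import PureWindowsPath

# SHA256 IoCs copied from the report above.
REPORT_SHA256 = {
    "e30b9228c7957082cd02f0f11098cf48f7d77bc42374198e3013d8f73bc30b80": "submitted sample",
    "ff4503dee5e5bc853d6ae5102f49e35deaeb25840530933d3850ef28ae866f5d": "file dropped in SysWOW64\\macromd",
}

RUN_KEYS = (
    r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
)

# A media/document extension followed by .exe, the pattern of the dropped name.
DOUBLE_EXT = re.compile(r"\.(mpg|mpeg|avi|mp4|jpg|png|pdf|doc|docx)\.exe$", re.I)


def path_findings(path):
    """Heuristics on a single executable path; returns a list of finding strings."""
    p = PureWindowsPath(path)
    parts = [x.lower() for x in p.parts]
    out = []
    if DOUBLE_EXT.search(p.name):
        out.append("double-extension executable")
    # The sample staged its drop in a fresh subdirectory of SysWOW64. Legitimate
    # subdirectories (drivers, config, ...) exist too, so treat this as a hint
    # to review, not a verdict; a production version would allowlist them.
    for sysdir in ("syswow64", "system32"):
        if sysdir in parts and len(parts) > parts.index(sysdir) + 2:
            out.append("executable staged in a subdirectory of %s" % sysdir)
    return out


def parse_run_values(reg_export):
    """Yield (key, value_name, command) for every value under a Run key in a .reg export."""
    key = None
    for line in reg_export.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = re.match(r'^"([^"]+)"="(.*)"$', line)
        if key in RUN_KEYS and m:
            name, data = m.group(1), m.group(2)
            # .reg escapes: \" for a quote, \\ for a backslash
            data = data.replace('\\"', '"').replace("\\\\", "\\")
            yield key, name, data


def command_to_exe(command):
    """Recover the executable path from a Run command line (quoted or not)."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:command.index('"', 1)]
    return command.split(" ")[0]


def triage(inventory, reg_export):
    """inventory: iterable of (path, sha256). Returns the list of findings."""
    findings = []
    for path, sha256 in inventory:
        label = REPORT_SHA256.get(sha256.lower())
        if label:
            findings.append("%s: SHA256 matches report IoC (%s)" % (path, label))
        for f in path_findings(path):
            findings.append("%s: %s" % (path, f))
    for key, name, command in parse_run_values(reg_export):
        exe = command_to_exe(command)
        for f in path_findings(exe):
            findings.append("Run value '%s' under %s: %s (%s)" % (name, key, f, exe))
    return findings


# Constructed sample inputs (not taken from the report): a reg export with one
# benign and one suspicious Run value, and a two-file inventory. The hash of
# the suspicious entry is the dropped file's SHA256 from the report.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\Admin\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"macromd"="\"C:\\Windows\\SysWOW64\\macromd\\video.mpg.exe\""
'''
SAMPLE_INVENTORY = [
    (r"C:\Windows\SysWOW64\notepad.exe", "00" * 32),
    (r"C:\Windows\SysWOW64\macromd\video.mpg.exe",
     "ff4503dee5e5bc853d6ae5102f49e35deaeb25840530933d3850ef28ae866f5d"),
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_INVENTORY, SAMPLE_REG):
        print(finding)
```

On a live host the inventory would come from hashing files under `C:\Windows\SysWOW64` and `System32`, and the export from `reg export HKCU\Software\Microsoft\Windows\CurrentVersion\Run run.reg`; the hash match is the only exact IoC, the other two findings are behavioural and need review.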