Overview

overview

7

Static

static

3

06356c25a7...90.exe

windows7-x64

7

06356c25a7...90.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    139s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/06/2024, 01:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    06356c25a7c363b08b89ce3745541b90.exe

  • Size

    25KB

  • MD5

    06356c25a7c363b08b89ce3745541b90

  • SHA1

    a3284d0cc629c27cdf7ab77a4b40c13cdeabb145

  • SHA256

    d05907b26b49961a6b14d759daea7afa356a84b0bcd32b309a54138ca800c352

  • SHA512

    fe06437bbe6bc7a60c5cdbf826eca5bcf0097c5eb39fa0d5a9fdae3827cdee1fa21032881d1970f42966bed59aec46d637222efc039c3b86d0471d945a31f6c0

  • SSDEEP

    384:ErzPKtQC5AVSc+u3Y8CFUZdRM2EYXKFJ9z6usMA8uN+6FxP8gH:ErzKtQSeYfFUZdyBYXKF7MQuQ6sK

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\06356c25a7c363b08b89ce3745541b90.exe
    "C:\Users\Admin\AppData\Local\Temp\06356c25a7c363b08b89ce3745541b90.exe"
    1⤵
    • Drops file in System32 directory
    PID:3164
    • C:\Windows\SysWOW64\rmass.exe
      "C:\Windows\SysWOW64\rmass.exe"
      2⤵
      • Executes dropped EXE
      PID:4460

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\rmass.exe
          Filesize

          22KB

          MD5

          d19820671570160b8c7c1bd138a15891

          SHA1

          f47c989fb10db63f9f44196ac7e1fe76e9afcd7c

          SHA256

          238d012f61fe8ee7dad432c80ee00b39081860429e2b4a1be1a5c0495664fb68

          SHA512

          b281d325a5355f41415556073c27637b5cd31f75df2f032d2421a613e1a376efbc2592845d9044448ecc8e335cef99e792487a17817a7d24866d1049ed8e3f9e

          Download Submit

        • memory/3164-4-0x0000000077612000-0x0000000077613000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3164-5-0x0000000000400000-0x0000000000403000-memory.dmp

          Filesize

          12KB

          Download

        • memory/4460-3-0x0000000000400000-0x0000000000411000-memory.dmp

          Filesize

          68KB

          Download