Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    19-06-2024 18:40

General

  • Target

    $PLUGINSDIR/nsis.exe

  • Size

    449KB

  • MD5

    68870fb83ad7de49f367d4859880d75d

  • SHA1

    e3bec33886fa8eda218e91afd4e88938b03edd1c

  • SHA256

    c063ae51c33f73275bd5d643aa760d4994175f377fc23ea8e0bd68ee77fba616

  • SHA512

    a55d7cce60b882dd476dc1192e8fa957c7a5c42d393f08eba2959b4f9a7778da7e49cdf2d4da403e98669911e82924d3017d669d4983f3db6b06f06f881e1420

  • SSDEEP

    12288:vmz9UIKoZfP5AgTM9L1Vu7KBWA10zRQVcYQrRT0:bgPTTM9xC/20zucbG

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsis.exe
    "C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\nsis.exe"
    1⤵
      PID:1992

    Network

    MITRE ATT&CK Enterprise v15

    Downloads

    • memory/1992-0-0x0000000000400000-0x0000000000542000-memory.dmp

      Filesize

      1.3MB

    • memory/1992-1-0x0000000000230000-0x0000000000231000-memory.dmp

      Filesize

      4KB

    • memory/1992-3-0x0000000000400000-0x0000000000542000-memory.dmp

      Filesize

      1.3MB