Overview

overview

10

Static

static

10

48b6c0e78a...81.exe

windows7-x64

9

48b6c0e78a...81.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    142s
  • max time network
    131s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-07-2024 21:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    48b6c0e78a3525fa6c7bd30e553a8b0037c8552d9a8fa1fb218f672e50d20e81.exe

  • Size

    83KB

  • MD5

    15c5a68398d3632867db23979f70bb8f

  • SHA1

    0ceed8ce7cc5380beed69354eb3427e56aaff0c5

  • SHA256

    48b6c0e78a3525fa6c7bd30e553a8b0037c8552d9a8fa1fb218f672e50d20e81

  • SHA512

    cb8da140947379db0ec9f7214ccaadf1f7ad214801de7339338f8d5a8a76365e897c94b961b0559d219a5515129179d618eac51e3b799b9f259c50d247ecf64f

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+HK:LJ0TAz6Mte4A+aaZx8EnCGVuH

Score
9/10
upx

Malware Config

Signatures

  • UPX dump on OEP (original entry point) 7 IoCs
  • UPX packed file 7 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\48b6c0e78a3525fa6c7bd30e553a8b0037c8552d9a8fa1fb218f672e50d20e81.exe
    "C:\Users\Admin\AppData\Local\Temp\48b6c0e78a3525fa6c7bd30e553a8b0037c8552d9a8fa1fb218f672e50d20e81.exe"
    1⤵
      PID:2940
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4440,i,16710585221322798697,8586257254049248207,262144 --variations-seed-version --mojo-platform-channel-handle=3440 /prefetch:8
      1⤵
        PID:4192

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Temp\rifaien2-b9NCCNknL4YuVo7b.exe
        Filesize

        83KB

        MD5

        1110bd4e3d39f834ee88a3e36d36e802

        SHA1

        a10eb27ea8dc8bdb429f6f6aadb6a12f311c8581

        SHA256

        eaa6aaee9b3b3cabeeeb628f99705666a15302cf581d52c9aeff7a4ae1146337

        SHA512

        b537a4f2fb6f52b929fb535ff68dadc146a7987502768d6c61ff37170e5e3f8a948f6f3d65a7a2de76fee2b8d77a3e6836ad2f5d1fca74f746b1e98481b4e7d4

        Download Submit

      • memory/2940-0-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download

      • memory/2940-1-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download

      • memory/2940-7-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download

      • memory/2940-14-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download

      • memory/2940-22-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download

      • memory/2940-28-0x0000000000400000-0x000000000042A000-memory.dmp

        Filesize

        168KB

        Download