0fc796cff44513648480ab59a918e91c8e996db2c495b977f9675c2c5531d5e8

General

Target

0fc796cff44513648480ab59a918e91c8e996db2c495b977f9675c2c5531d5e8.exe
Size

1.2MB
MD5

183b070a1d739e4ff99e2ddeb63bcf2d
SHA1

46bac9e4dd38016ac5482d2a7c9562db2dc048f7
SHA256

0fc796cff44513648480ab59a918e91c8e996db2c495b977f9675c2c5531d5e8
SHA512

7bb49495f80fc6ef11de61f5a93bad6ce98959dd928629f1aee54ee2188999f7c9975b654fc15f11bfc3148f8f0de782da5504f158895a9e18b4a9a4e953c9e0
SSDEEP

24576:+5PtYrvI/02C5KA5iSH0jgH6TngOe1bgwhQtLfmKJR:oNoj5egHS1e1saMpR

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 26 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/4980-0-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-34-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-41-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-46-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-45-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-44-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-39-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-37-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-32-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-30-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-28-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-26-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-22-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-18-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-16-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-10-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-8-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-6-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-2-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-24-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-20-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-14-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-12-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-4-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-35-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral2/memory/4980-1-0x0000000010000000-0x000000001003E000-memory.dmp	upx

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4980	0fc796cff44513648480ab59a918e91c8e996db2c495b977f9675c2c5531d5e8.exe
4980	0fc796cff44513648480ab59a918e91c8e996db2c495b977f9675c2c5531d5e8.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
4980	0fc796cff44513648480ab59a918e91c8e996db2c495b977f9675c2c5531d5e8.exe
4980	0fc796cff44513648480ab59a918e91c8e996db2c495b977f9675c2c5531d5e8.exe
4980	0fc796cff44513648480ab59a918e91c8e996db2c495b977f9675c2c5531d5e8.exe

C:\Users\Admin\AppData\Local\Temp\0fc796cff44513648480ab59a918e91c8e996db2c495b977f9675c2c5531d5e8.exe
"C:\Users\Admin\AppData\Local\Temp\0fc796cff44513648480ab59a918e91c8e996db2c495b977f9675c2c5531d5e8.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:4980

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4980-0-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-34-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-41-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-46-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-45-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-44-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-39-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-37-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-32-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-30-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-28-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-26-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-22-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-18-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-16-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-10-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-8-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-6-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-2-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-24-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-20-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-14-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-12-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-4-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-35-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/4980-1-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download

Analysis

Sharing