Overview

overview

7

Static

static

7

32198314bb...0N.exe

windows7-x64

7

32198314bb...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    12-07-2024 04:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    32198314bb43b219c0fa2caf1ebf3200N.exe

  • Size

    9.1MB

  • MD5

    32198314bb43b219c0fa2caf1ebf3200

  • SHA1

    39940ddd786b050402196fe7e2e4ccc0af8030df

  • SHA256

    dce871f41998656c962a289bf09f706ad7fa7fc92868b62a94e32e6116379da8

  • SHA512

    b8738352b159b30fc8bf7f065275fef452f66139e96191f7cbbdbc3e8cf1ce74cba92ac2514f2cdc3dbe9982dd01c292e63ed15d094c6a88a83ce184c8c6a7dc

  • SSDEEP

    196608:c++++++++++++++++++++++++++++++++++++++++++++g:H

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\32198314bb43b219c0fa2caf1ebf3200N.exe
    "C:\Users\Admin\AppData\Local\Temp\32198314bb43b219c0fa2caf1ebf3200N.exe"
    1⤵
    • Drops file in System32 directory
    PID:2580
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:2692

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\svrwsc.exe
    Filesize

    9.2MB

    MD5

    0a549c31f7aeb2cda725cd56145c4126

    SHA1

    241f1a5d22723282f070b5e3a916f255a93674d1

    SHA256

    10940917dda05bda68495f727de2890f11c0264e1481ea41806cc731f8d9b926

    SHA512

    550c708ec44f8791cf42006d743bf22ff044dbd398562959c45c3be99387e69b075a7c777bc2de6e64b5b0341308e3b57302d482909decea9b2b5f542f1bccb2

    Download Submit

  • memory/2580-0-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2580-3-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2580-2-0x00000000003B0000-0x00000000003B5000-memory.dmp

    Filesize

    20KB

    Download

  • memory/2692-5-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2692-8-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2692-7-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download