Overview

overview

7

Static

static

3

0570b434ca...0N.exe

windows7-x64

7

0570b434ca...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-07-2024 14:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0570b434cacc40d045e036b6fbed28c0N.exe

  • Size

    23KB

  • MD5

    0570b434cacc40d045e036b6fbed28c0

  • SHA1

    58e2a1fc7bdfc626055416640600abf164c06868

  • SHA256

    636dad558208741d90a1806f7f4c85e617c5eaea088aab844edd19f989ce8c59

  • SHA512

    c3aa9cc971d001e74e539b6065c2e60763aa237002c0be6ce30c9dc312cc5dee20a9543fd25991cfe3ba1278ff4d1f11c2220faa98f47079d630a4626176d01a

  • SSDEEP

    384:ErzP/9VY21fumm2u/unLYcckYef2gkHh7w3OjvBPlO6MWfHp59I:ErzFfumm29niC2XH4ivPODWfJE

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0570b434cacc40d045e036b6fbed28c0N.exe
    "C:\Users\Admin\AppData\Local\Temp\0570b434cacc40d045e036b6fbed28c0N.exe"
    1⤵
    • Drops file in System32 directory
    PID:2960
    • C:\Windows\SysWOW64\rmass.exe
      "C:\Windows\SysWOW64\rmass.exe"
      2⤵
      • Executes dropped EXE
      PID:4928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\rmass.exe
    Filesize

    20KB

    MD5

    5141de815e10816c130fee82cbde5dd8

    SHA1

    50a5c1c2c8a6df1588682b32eb926b87e176bed2

    SHA256

    266427614ad10e98cfb113bc11b15e2146cac80bcec506a8a4c9e3836f977caf

    SHA512

    13ca500603cf75c2351051f917651ab8a320a0642d3fcba711166e9ce6d9bbf5149cb4762d1b4ca13e7298d7de7f859bb8cf5e38328905f68f2b6d8582d92da0

    Download Submit

  • memory/2960-5-0x0000000000400000-0x0000000000403000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2960-0-0x0000000077A42000-0x0000000077A43000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4928-4-0x0000000000400000-0x0000000000411000-memory.dmp

    Filesize

    68KB

    Download