Overview

overview

7

Static

static

7

14bdd9ad51...0N.exe

windows7-x64

7

14bdd9ad51...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    16s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 21:46

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    14bdd9ad5100c1c657e2790eb0a2b5e0N.exe

  • Size

    9.8MB

  • MD5

    14bdd9ad5100c1c657e2790eb0a2b5e0

  • SHA1

    41dd35c98c3d97137d51190908f2c1764a34707c

  • SHA256

    a71decbeb968ab13490dbf3ff02b5abf78257f6c5de7bd3d7bc48544ebf505bd

  • SHA512

    7d667875e5f95163b2b0acc76417fe031b49ea23711886ec1ef8f8efdb39cc2472b98422c3fedeafd3adbb3e99ba1b7700666b427cebf494059956621b7cd672

  • SSDEEP

    196608:HUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU:HUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUT

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\14bdd9ad5100c1c657e2790eb0a2b5e0N.exe
    "C:\Users\Admin\AppData\Local\Temp\14bdd9ad5100c1c657e2790eb0a2b5e0N.exe"
    1⤵
    • Drops file in System32 directory
    PID:2076
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:1980

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\svrwsc.exe
          Filesize

          10.2MB

          MD5

          9d41dc475cf15a7259f7db0a0b6e2664

          SHA1

          bc5cf1ec4f12a0a9f25036c837e166626e45f0a0

          SHA256

          3d850f0086e3bf5828d7955794dbc19f49d3446814bf2b262860ed0b68e0ad95

          SHA512

          0f1841b3c6e090aa54c1f37d4d7fbf8c18456b7905e8faf77f985533f57bcaaa74403dd9ed7c7d75ecbd941fa329bfdf800e7fa32b9ce275d4061eaff1751326

          Download Submit

        • memory/1980-5-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download

        • memory/1980-6-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download

        • memory/2076-0-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download

        • memory/2076-2-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download

        • memory/2076-1-0x00000000003B0000-0x00000000003B5000-memory.dmp

          Filesize

          20KB

          Download

        • memory/2076-7-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download