Overview

overview

7

Static

static

7

14bdd9ad51...0N.exe

windows7-x64

7

14bdd9ad51...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/07/2024, 21:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    14bdd9ad5100c1c657e2790eb0a2b5e0N.exe

  • Size

    9.8MB

  • MD5

    14bdd9ad5100c1c657e2790eb0a2b5e0

  • SHA1

    41dd35c98c3d97137d51190908f2c1764a34707c

  • SHA256

    a71decbeb968ab13490dbf3ff02b5abf78257f6c5de7bd3d7bc48544ebf505bd

  • SHA512

    7d667875e5f95163b2b0acc76417fe031b49ea23711886ec1ef8f8efdb39cc2472b98422c3fedeafd3adbb3e99ba1b7700666b427cebf494059956621b7cd672

  • SSDEEP

    196608:HUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU:HUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUT

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\14bdd9ad5100c1c657e2790eb0a2b5e0N.exe
    "C:\Users\Admin\AppData\Local\Temp\14bdd9ad5100c1c657e2790eb0a2b5e0N.exe"
    1⤵
    • Drops file in System32 directory
    PID:620
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:3148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\svrwsc.exe
    Filesize

    10.0MB

    MD5

    2144a225ba46ca98726c81f1ff3fedbf

    SHA1

    96aecdd792b9fa66aae78cdf3d20e4dbbfb00712

    SHA256

    57f6f28cb3c4813a9a09420dc684aeacb2a2fce6b2225e62e6d066640a3b6d4a

    SHA512

    ac7852bc48f1d89996e4d21383f081e505fd168346d6a676a06f3ba4e11e7664d5a375c7da5f62bf4deaf204192291cd96ebe73e873e37cd6c8d17d6eff7bf6d

    Download Submit

  • memory/620-0-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/620-1-0x0000000000401000-0x0000000000402000-memory.dmp

    Filesize

    4KB

    Download

  • memory/620-2-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/620-9-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/3148-6-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download