Overview

overview

10

Static

static

7

0da334a11c...60.exe

windows7-x64

8

1.0.exe

windows7-x64

5

1AB13RN57.exe

windows7-x64

8

2009007981...bs.exe

windows7-x64

7

302746537.exe

windows7-x64

7

319874ec78...c1.exe

windows7-x64

7

6eec624668...e4.exe

windows7-x64

7

74c002aafd...a2.exe

windows7-x64

1

7934625ee2...11.exe

windows7-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    17-07-2024 12:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    302746537.exe

  • Size

    22KB

  • MD5

    8703ff2e53c6fd3bc91294ef9204baca

  • SHA1

    3dbb8f7f5dfe6b235486ab867a2844b1c2143733

  • SHA256

    3028a2b0e95143a4caa9bcd6ae794958e7469a20c6e673da067958cbf4310035

  • SHA512

    d5eb8a07457a78f9acd0f81d2f58bbf64b52183318b87c353a590cd2a3ac3a6ec9c1452bd52306c7cf99f19b6a897b16ceb8289a7d008c5ce3b07eda9b871204

  • SSDEEP

    384:fIiV728hUQ7Y2P/cVEccDdye7kjlWLe7grPiA8jyrMPhTjanbBoZht0MZaNJawcM:fRGuY2P0Vo6r7SiAwyrMRjbSMcnbcuy8

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\302746537.exe
    "C:\Users\Admin\AppData\Local\Temp\302746537.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2892
    • C:\Windows\SysWOW64\cmd.exe
      cmd /c ""C:\Users\Admin\AppData\Local\Temp\673B.tmp\302746537.bat" "
      2⤵
        PID:2900

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\673B.tmp\302746537.bat
      Filesize

      348B

      MD5

      7d8beb22dfcfacbbc2609f88a41c1458

      SHA1

      52ec2b10489736b963d39a9f84b66bafbf15685f

      SHA256

      4aa9ed4b38514f117e6e4f326cb0a1be7f7b96199e21305e2bd6dce289d7baa2

      SHA512

      a26cf9168cf7450435a9fe8942445511f6fda1087db52bd73e335d6f5b544fc892999019d9291d9dcc60c3656de49688f6d63282c97706e2db286f988e44fd94

      Download Submit

    • memory/2892-0-0x0000000000400000-0x0000000000410000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2892-16-0x0000000000400000-0x0000000000410000-memory.dmp

      Filesize

      64KB

      Download