Resubmissions

20/07/2024, 17:27

240720-v1emxavane 7

20/07/2024, 14:12

240720-rjbcda1ank 7

20/07/2024, 13:31

240720-qsf4jszenk 7

Analysis

  • max time kernel
    250s
  • max time network
    242s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    20/07/2024, 13:31

General

  • Target

    Win10PEͫISO������θ��U+�����.exe

  • Size

    5.6MB

  • MD5

    07666772bd9ebe9ee1640d809cfebfac

  • SHA1

    3dd0e88237d7e07eb0bb6f8c2cb88193501a6ace

  • SHA256

    f2f1fc564105abe1c6bdd7fe761a2b311e3001635da5793a80ce5ea5815b5335

  • SHA512

    3fccc38a3be034600279b65574a952a221ec92e0271a0ba5851ee8ee09420cba1d652b93ea95ebe5abee76ddccd25df06e5628eb771974d7c033f826c738e460

  • SSDEEP

    98304:1gn4tDDhQuJMi/S7K5hotckS/jARtiax/L4uILoimOk5k3OhTZTzS9a8SSQxl9yg:1gnQDhQuqLSwUsHtsBmOk+3OtZTzPxB/

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • AutoIT Executable 1 IoCs

    AutoIT scripts compiled to PE executables.

  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Win10PEͫISO������θ��U+�����.exe
    "C:\Users\Admin\AppData\Local\Temp\Win10PEͫISO������θ��U+�����.exe"
    • NTFS ADS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1576

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\bottom165.jpg

          Filesize

          4KB

          MD5

          ab5174b12f6352a35fd06df6adfab11d

          SHA1

          b46c87f6956d6ad8419bccc27e11e4abc2fab517

          SHA256

          eb006a0313dadb01b1d7d914312aaef43aa14aa66e22a50db07046af75565c03

          SHA512

          01413705aca49c2e5b0181c2a4c2412f3fe453334a263a072508c785f083f900bf46e644c6444f8b3ae40618b66ae95b7993f80bc07b96feb42cb5dab4d57b9b

        • C:\Users\Admin\AppData\Local\Temp\hsds165\UltraISO.exe

          Filesize

          1.8MB

          MD5

          f0783ec7a00f0bb6a29fc9f7be5e75d0

          SHA1

          2977648c9d3a71df0d7693ecd1a78eb4a5863136

          SHA256

          198358d18ddcefebe4b5aa9474f040dcc34565847229d8f2612e651c665dc606

          SHA512

          bc276d30cecba5d479f463493b079dd6055bbb7db315373f83e4cfa10f661ac41b47d5f099ae5f9a70de57a15cf3245514ef43b51f2ab43dc818583eb18c586f

        • C:\Users\Admin\AppData\Local\Temp\logo165.jpg

          Filesize

          23KB

          MD5

          fbba1b9705ee26d0761bf412fd6606f5

          SHA1

          527af875a28ee8a3617d68f9750fe4303388cc85

          SHA256

          983601e712adb4effc336e6db1f9d12bc06a8bf1def84b8d3d4714292a7f5a60

          SHA512

          2b2d522bdfc398346beda4635f5c9c4fe38f6a108ab9256faffa80539a39017bfc26e12088f42b3490b54c582cfacdd764efdb23ef9c5ca3f5fc6fe92660d051

        • memory/1576-0-0x0000000000400000-0x0000000000F62000-memory.dmp

          Filesize

          11.4MB

        • memory/1576-20-0x0000000000400000-0x0000000000F62000-memory.dmp

          Filesize

          11.4MB