Overview

overview

7

Static

static

7

2e3708ab0c...0N.exe

windows7-x64

7

2e3708ab0c...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    21-07-2024 23:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2e3708ab0c33c535e7d062521e8ebca0N.exe

  • Size

    9.0MB

  • MD5

    2e3708ab0c33c535e7d062521e8ebca0

  • SHA1

    371a37b360546915a6274ed6e27f41c9b602dfac

  • SHA256

    9d7720bd69aa6a29220376e40e3cbedc37c7ebe8e3989f3526041c02e9fcf401

  • SHA512

    43318a9b4baced5e4fe03159aba77de2efd25f6baa719d2cd6fa276328c817b6378fd3fc53422da14026d017fbaa92f602f6b88554f3b3523358563cf172a9c5

  • SSDEEP

    196608:3HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHf:3HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHf

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2e3708ab0c33c535e7d062521e8ebca0N.exe
    "C:\Users\Admin\AppData\Local\Temp\2e3708ab0c33c535e7d062521e8ebca0N.exe"
    1⤵
    • Drops file in System32 directory
    PID:1976
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:2136

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\svrwsc.exe
    Filesize

    9.2MB

    MD5

    032c3d6dfe29d9532786a058006410d8

    SHA1

    72186c04cfc486232ba94810f46349e6c8ca033e

    SHA256

    93706d7778eb440a4135b44874982ece50d8c0e3cdd8bacbbefe2ccdde04b067

    SHA512

    64f0e1f0bc824ee2a5a6436a03a05f57f0472f33304a03d2f65f9733d6d544b46bce3e1ceb97eebd5054d99b1de97101dc9c30d97c7e1d5fcc4e64454ccb2ac0

    Download Submit

  • memory/1976-0-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/1976-2-0x00000000003B0000-0x00000000003B5000-memory.dmp

    Filesize

    20KB

    Download

  • memory/1976-3-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2136-5-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2136-7-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download