Overview

overview

7

Static

static

7

2e3708ab0c...0N.exe

windows7-x64

7

2e3708ab0c...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    102s
  • max time network
    104s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-07-2024 23:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2e3708ab0c33c535e7d062521e8ebca0N.exe

  • Size

    9.0MB

  • MD5

    2e3708ab0c33c535e7d062521e8ebca0

  • SHA1

    371a37b360546915a6274ed6e27f41c9b602dfac

  • SHA256

    9d7720bd69aa6a29220376e40e3cbedc37c7ebe8e3989f3526041c02e9fcf401

  • SHA512

    43318a9b4baced5e4fe03159aba77de2efd25f6baa719d2cd6fa276328c817b6378fd3fc53422da14026d017fbaa92f602f6b88554f3b3523358563cf172a9c5

  • SSDEEP

    196608:3HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHf:3HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHf

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2e3708ab0c33c535e7d062521e8ebca0N.exe
    "C:\Users\Admin\AppData\Local\Temp\2e3708ab0c33c535e7d062521e8ebca0N.exe"
    1⤵
    • Drops file in System32 directory
    PID:3732
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:4792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\svrwsc.exe
    Filesize

    9.2MB

    MD5

    da5cf4205643c5e529d24dece5dd5576

    SHA1

    d703c9f7019fec5e8967170a037444e34bcb4f19

    SHA256

    f883b1cb63240cf92025d1932dbccae56b55d613161f5e62430770636c8f1c59

    SHA512

    0ee13cdc88cf4d2d9beb2f2390014e7a835ee4137a7c42133afa80d75b20346a961ae78e77c34deda893f2dc614c037c0f7322bfbf8e5c36fbfb4d5ab96ef0fc

    Download Submit

  • memory/3732-0-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/3732-2-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/3732-1-0x0000000000401000-0x0000000000402000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3732-9-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/4792-6-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download