Overview

overview

7

Static

static

7

b61d02013c...0N.exe

windows7-x64

7

b61d02013c...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    99s
  • max time network
    111s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/07/2024, 13:17

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b61d02013c2d67a087512411217e1130N.exe

  • Size

    8.5MB

  • MD5

    b61d02013c2d67a087512411217e1130

  • SHA1

    ae1a30753e80b2a87425b6910380688465ff4dcd

  • SHA256

    1f7b17990f17bcf276df45278a029088d53aae7bd9a5753f22ade0fbb96ac352

  • SHA512

    1d60aaf94b81a67775ffe1ca925232f6258cc95919a0637d0ed10806d34c46658580fa151944267aedfb1d228ea8bab9e36079dcf5d7843fd5085079d19fd0d7

  • SSDEEP

    196608:tXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXKjjjjjjjjjjjjjjjjjjr:0jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjr

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b61d02013c2d67a087512411217e1130N.exe
    "C:\Users\Admin\AppData\Local\Temp\b61d02013c2d67a087512411217e1130N.exe"
    1⤵
    • Drops file in System32 directory
    PID:4496
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:4200

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\svrwsc.exe
          Filesize

          8.8MB

          MD5

          6044f31ff99bd4d1f5ac1d38e8667696

          SHA1

          612e6c86b2e208fe847a17e25266c4fe748f33e1

          SHA256

          c7aaa28e72c292e428f88762c80588879c7a2ec4b0b4f457cee7fcb27e44bb47

          SHA512

          6532c70d1561b80a3e18d2fac0987b2975225ceb2079535b47cc4d98c8ae3fba341ba10cf6f4e6e393bffaae5c798a4782fe86f8ab0b6b0f69899f74727aae49

          Download Submit

        • memory/4200-6-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download

        • memory/4496-0-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download

        • memory/4496-2-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download

        • memory/4496-1-0x0000000000401000-0x0000000000402000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4496-9-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download