69f6908603cacaf9a1c516d043e3afea67d254ace853219a4b89d661c50fdac5

Analysis

max time kernel
93s
max time network
102s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
22-07-2024 20:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0636ff55708bd22f9c773b3627606140N.exe
Size

278KB
MD5

0636ff55708bd22f9c773b3627606140
SHA1

77b8715eeb393ac0b8c6ac01489172e206f4222e
SHA256

69f6908603cacaf9a1c516d043e3afea67d254ace853219a4b89d661c50fdac5
SHA512

569ec1faca594359d8430a61a6079d04df87378a11d28c3733cfec9bdc5f1c12e465c91c1ba159e0505340f0b6f8e36d97c2d028a9e9f2958d735b563d4ac832
SSDEEP

6144:uuq1yy/pjnkWcLkONgMDGMHTiLCwKurwdaCM3SpeK+zUG7:y1yc9kWc4u7DGMyCdhwSpe/7

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/3832-0-0x0000000000400000-0x0000000000418000-memory.dmp	upx
behavioral2/files/0x00070000000234df-5.dat	upx
behavioral2/memory/3832-18-0x0000000000400000-0x0000000000418000-memory.dmp	upx

Drops file in Windows directory 17 IoCs

description	ioc	Process
File created	C:\Windows\win32dc\Half-Life 2_patch.exe	0636ff55708bd22f9c773b3627606140N.exe
File created	C:\Windows\win32dc\BattleField 1942 cheat.exe	0636ff55708bd22f9c773b3627606140N.exe
File opened for modification	C:\Windows\win32dc\BattleField 1942 cheat.exe	0636ff55708bd22f9c773b3627606140N.exe
File opened for modification	C:\Windows\win32dc\FlatOut nocd.exe	0636ff55708bd22f9c773b3627606140N.exe
File created	C:\Windows\win32dc\DAoC + trainer.exe	0636ff55708bd22f9c773b3627606140N.exe
File created	C:\Windows\win32dc\Doom 3 codes.exe	0636ff55708bd22f9c773b3627606140N.exe
File created	C:\Windows\win32dc\BattleField 1942(cdfix).exe	0636ff55708bd22f9c773b3627606140N.exe
File created	C:\Windows\win32dc\Counter-Strike + fix.exe	0636ff55708bd22f9c773b3627606140N.exe
File opened for modification	C:\Windows\win32dc\Counter-Strike + fix.exe	0636ff55708bd22f9c773b3627606140N.exe
File opened for modification	C:\Windows\win32dc\Doom 3 codes.exe	0636ff55708bd22f9c773b3627606140N.exe
File created	C:\Windows\win32dc\Quake3(patch).exe	0636ff55708bd22f9c773b3627606140N.exe
File opened for modification	C:\Windows\win32dc\Quake3(patch).exe	0636ff55708bd22f9c773b3627606140N.exe
File created	C:\Windows\win32dc\FlatOut nocd.exe	0636ff55708bd22f9c773b3627606140N.exe
File opened for modification	C:\Windows\win32dc\DAoC + trainer.exe	0636ff55708bd22f9c773b3627606140N.exe
File created	C:\Windows\win32dc\UT2004 hack.exe	0636ff55708bd22f9c773b3627606140N.exe
File created	C:\Windows\win32dc\UT2004(trainer).exe	0636ff55708bd22f9c773b3627606140N.exe
File opened for modification	C:\Windows\win32dc\Half-Life 2_patch.exe	0636ff55708bd22f9c773b3627606140N.exe

C:\Users\Admin\AppData\Local\Temp\0636ff55708bd22f9c773b3627606140N.exe
"C:\Users\Admin\AppData\Local\Temp\0636ff55708bd22f9c773b3627606140N.exe"
1⤵
- Drops file in Windows directory
PID:3832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\win32dc\BattleField 1942 cheat.exe

Filesize
282KB

MD5
c3f309a00e1b03b53689c7edd8507a9f

SHA1
7cbcd61b1cca987274934ba2e32ad6e4fcef1460

SHA256
570513dba79c99c8edc745e50b3c616337e49135e23bf171de33e4476f419103

SHA512
f3ad1cf0c55d2c66d53104c24ab83c0e8cbeb59d10a6cd223629c7d69e7d44f0ca91dd27e00c7e7ad18915da1f380e7b13e00fa750cb39f78c077e4c83f57417

Download Submit
memory/3832-0-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download
memory/3832-18-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads