Overview

overview

7

Static

static

7

47abeea6a5...0N.exe

windows7-x64

7

47abeea6a5...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    15s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    24/07/2024, 04:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    47abeea6a54e469dd6453287c388d1d0N.exe

  • Size

    8.8MB

  • MD5

    47abeea6a54e469dd6453287c388d1d0

  • SHA1

    346a7e05d8fc1cbd62182cfb4ef332665ce6297e

  • SHA256

    3f628556b323a75db7be18f313198e4231baf1f5f3052734eccee06e7855b7b5

  • SHA512

    547551cdc90cb161bd6f230d216ad16c034242a54b096db10994959dd848f31cdb26e33d3b16375cc6b4d1074ef68f5db54c887c6c8c26df8444a2b598c12c41

  • SSDEEP

    98304:rGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGLtttttttttttttttttt7:0gggggggggggggggggggggq

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\47abeea6a54e469dd6453287c388d1d0N.exe
    "C:\Users\Admin\AppData\Local\Temp\47abeea6a54e469dd6453287c388d1d0N.exe"
    1⤵
    • Drops file in System32 directory
    PID:2092
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:2800

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\svrwsc.exe
          Filesize

          9.0MB

          MD5

          5e1b363af06dd32ff212218ec5df70dc

          SHA1

          5a428c9e508b238a78d22ca74c475719152c578e

          SHA256

          3913f1c684f1aaa5331f5959ddd932ba647e841d56065aeb9de15c459b4ba2ff

          SHA512

          a6725e77392ad15da4d718126bc2206d8f68f2c9bd5091dcd2308c055a023d999a2b14ad67d6f4f86433194c916685904eae928e4d5a88a93d03508ed87bf758

          Download Submit

        • memory/2092-0-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download

        • memory/2092-2-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download

        • memory/2092-1-0x00000000003B0000-0x00000000003B5000-memory.dmp

          Filesize

          20KB

          Download

        • memory/2092-7-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download

        • memory/2800-6-0x0000000000400000-0x000000000042B000-memory.dmp

          Filesize

          172KB

          Download