Overview

overview

7

Static

static

3

2e89392c97...0N.exe

windows7-x64

7

2e89392c97...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    13s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    28-07-2024 01:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2e89392c978254818a7aaf24a6223a00N.exe

  • Size

    24KB

  • MD5

    2e89392c978254818a7aaf24a6223a00

  • SHA1

    b05a441f86539c8479ce543d263140988cee0fcd

  • SHA256

    b7ca5bf2e829a7fdf66bda8606db4c473a47c667ec9a523107779de420e9628b

  • SHA512

    c9c40035eedc0c8d3c9ba4b34e4ffa06f039315b9d9209a1f0899bdec86a631983451b39a56572e5f5651423fa851983dae4d2bbb534b7644adb5ad15422f1cd

  • SSDEEP

    384:ErzPTDiJZdo6JXoNXeFEnPHshPwpL/ExTg1kbI6QB1U7Z/5nhz4csPqsozt:ErzaZNJunPHsh6yTg1qIRB1cES

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2e89392c978254818a7aaf24a6223a00N.exe
    "C:\Users\Admin\AppData\Local\Temp\2e89392c978254818a7aaf24a6223a00N.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    PID:2444
    • C:\Windows\SysWOW64\rmass.exe
      "C:\Windows\SysWOW64\rmass.exe"
      2⤵
      • Executes dropped EXE
      PID:1792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\rmass.exe
    Filesize

    21KB

    MD5

    6f93d5c8ad8f740929c56d65305f8b4c

    SHA1

    dffe6702a0cb73dcc7f5f698f48926c7c8ab5460

    SHA256

    4ebead0d19124119c8241eb994d0240626d22db7cacfe83b9bbbf5377da43831

    SHA512

    ec0fdabf796438c6a33ffa31381d7ef2c7463baedbc737f6d19cce0eea41bfbab8031d43b340d30570ff643b3939d614e23a88d7f9d331ed4d2ae094ce7ad9ad

    Download Submit

  • memory/1792-5-0x0000000000400000-0x0000000000411000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2444-6-0x0000000000400000-0x0000000000403000-memory.dmp

    Filesize

    12KB

    Download