Overview

overview

7

Static

static

7

193f9115c9...0N.exe

windows7-x64

7

193f9115c9...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    16s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    23-08-2024 16:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    193f9115c9bf747e4817552a04f530a0N.exe

  • Size

    9.8MB

  • MD5

    193f9115c9bf747e4817552a04f530a0

  • SHA1

    ea3b4151f3248ba72ec1a3db391a68b51ffeef99

  • SHA256

    4f73fed18307e6430dc9ef699f35aecbc059ac7d0e6e2e146daa8c205ad5a3f7

  • SHA512

    ba812ee197a372198be26be678bf31230f8aff90943b90924aba286ef27e215beedb5f9b4af88b6dcd86f1f45e2d231bcc76ed96ca6e7c0624cb99261c899fc7

  • SSDEEP

    196608:Niiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii9mmmmmmmmmmmmmmmmm0:zmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm1

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\193f9115c9bf747e4817552a04f530a0N.exe
    "C:\Users\Admin\AppData\Local\Temp\193f9115c9bf747e4817552a04f530a0N.exe"
    1⤵
    • Drops file in System32 directory
    PID:2684
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:468

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\svrwsc.exe
    Filesize

    10.2MB

    MD5

    8bfeed2abd7ce177aacbe6a4727fbff2

    SHA1

    20bda60984a17ea31562083f3bc06e1ac5df4d2e

    SHA256

    64dc8e81cfd9ae55edd15c990236cd17a53b7df52e7161a843bb55833a38d854

    SHA512

    a26272a61ec146ff171f34027d89f8975704aaa92375c26f55ea270eb56ce9cbacd4daaa7cc886ec3fa69380d2d245bc99e84fff8744b88c380cb675d6791979

    Download Submit

  • memory/468-5-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/468-7-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2684-2-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2684-1-0x00000000003B0000-0x00000000003B5000-memory.dmp

    Filesize

    20KB

    Download

  • memory/2684-0-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2684-9-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download