Analysis
max time kernel: 119s
max time network: 127s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 31-08-2024 14:27
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample: ecf1c18fd8e00059f7408f943e96f73aa08839601eec0bc2588fcb3e9c29d137.exe
Resource: win7-20240704-en
2 signatures
150 seconds
General
Target: ecf1c18fd8e00059f7408f943e96f73aa08839601eec0bc2588fcb3e9c29d137.exe
Size: 415KB
MD5: c4cc29108ef8565e5251c56047586e20
SHA1: 290a6b8d1d2b745d3a61be322ec9b729d5ba844d
SHA256: ecf1c18fd8e00059f7408f943e96f73aa08839601eec0bc2588fcb3e9c29d137
SHA512: ecdeaf0f4860bfd70ff9378485a3e952e9fb6eafca64c300b0cf24779357350814662f3648804021651a51f4fafd174a69dc796695c45f01c17efae89ca80477
SSDEEP: 6144:pryyKsi2/CGBfHYTbILiniQCLZ4jekjEXL6cbr/mgppj3l3s1LOsoYYL2Ta0cI:pryyKsiWrLitCL0Or/VpprlkOsc8a9I
Malware Config
Signatures
Expiro payload (4 IoCs)
Processes:
resource  yara_rule
behavioral1/memory/328-0-0x0000000000FBB000-0x000000000104E000-memory.dmp  family_expiro1
behavioral1/memory/328-1-0x0000000000FBB000-0x000000000104E000-memory.dmp  family_expiro1
behavioral1/memory/328-2-0x0000000000F50000-0x000000000104E000-memory.dmp  family_expiro1
behavioral1/memory/328-3-0x0000000000F50000-0x000000000104E000-memory.dmp  family_expiro1