Overview

overview

7

Static

static

7

AutoHotkey1000.exe

windows11-21h2-x64

7

$PLUGINSDI...ns.dll

windows11-21h2-x64

3

AU3_Spy.exe

windows11-21h2-x64

3

AutoHotkey.chm

windows11-21h2-x64

1

AutoHotkey.exe

windows11-21h2-x64

3

Compiler/Ahk2Exe.exe

windows11-21h2-x64

7

Compiler/A...SC.exe

windows11-21h2-x64

3

Compiler/upx.exe

windows11-21h2-x64

7

uninst.exe

windows11-21h2-x64

7

Analysis

  • max time kernel
    92s
  • max time network
    95s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    14/09/2024, 14:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Compiler/upx.exe

  • Size

    92KB

  • MD5

    6ef20e56d1f5eb53882e71a29701138e

  • SHA1

    2b326e5003fc6f3ca35e33cad9263624974771c6

  • SHA256

    67bac3b5650c719fbc15dcdb5ccb2dd07414876f6b55baa967342356d80357dd

  • SHA512

    f9d7e6cdd2971e947a74b3c88b29fa92a75f517a098e1e77f7ae292bc64002683151fd654eb04b4b762325c4bd41a00356ade566f6213f2b9e0eae2f4ce83063

  • SSDEEP

    1536:rch86wguitL/ZtMN0SYgrWZPpz8n5Ir6jPy1HqPWPCGwJs/5zwUOjVFLsm:cmnix/ZtdFgrWZd8nir31KuP7wJE5zC/

Score
7/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\Compiler\upx.exe
    "C:\Users\Admin\AppData\Local\Temp\Compiler\upx.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4504

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4504-0-0x0000000000400000-0x000000000043A000-memory.dmp

    Filesize

    232KB

    Download

  • memory/4504-2-0x0000000000400000-0x000000000043A000-memory.dmp

    Filesize

    232KB

    Download