Resubmissions
27/09/2024, 12:24
240927-plfzjasdqn 10Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
27/09/2024, 12:24
General
-
Target
Exm Paid Tweaks.exe
-
Size
7.4MB
-
MD5
fb85c9ed03b0ba5a1cb056918422b013
-
SHA1
68e862e622451164142f5143965109097daf3353
-
SHA256
335e38a7985a1357ffe96c98258a8a8a4e10897a3a5bd97c06de9a8f5bc98c7b
-
SHA512
832978b77aae80cf12d6feea3bb54c7c5766985e0279c78d4164b2499e8b9c1269f6ce709e4b899fe4687240f47f3673803f29804063c6a7c5ae96468c2178f0
-
SSDEEP
196608:jY8PgLjv+bhqNVoB0SEsucQZ41JBbIR11tY:c8PwL+9qz80SJHQK1JI1vY
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Exm Paid Tweaks.exe"C:\Users\Admin\AppData\Local\Temp\Exm Paid Tweaks.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\Exm Paid Tweaks.exe"C:\Users\Admin\AppData\Local\Temp\Exm Paid Tweaks.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.6MB
MD576eb1ad615ba6600ce747bf1acde6679
SHA1d3e1318077217372653be3947635b93df68156a4
SHA25630be871735591ad96bc3fc7e541cdef474366159c2f7443feb30739cbd2db7e1
SHA5122b960e74dd73f61d6a44fef0de9f2d50bcf2ec856b7aa5b97f0107e3cdadea461790760668a67db2ecaf71ff323133ee39ce2b38aafff3629c14e736d6a64aeb
-
Filesize
5.9MB