62c6091d6823e53697522c0cc46c4f6c0e651d908122679d3fcfaeac8e448b95

Submit
Reports

Overview

overview

Static

static

IDA Pro 8....GPT.py

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....ch.dll

windows10-1703-x64

IDA Pro 8....64.dll

windows10-1703-x64

IDA Pro 8....IDA.py

windows10-1703-x64

IDA Pro 8....RT.dll

windows10-1703-x64

IDA Pro 8....64.dll

windows10-1703-x64

IDA Pro 8....CC.dll

windows10-1703-x64

IDA Pro 8....64.dll

windows10-1703-x64

IDA Pro 8....GPT.py

windows10-1703-x64

IDA Pro 8...._re.py

windows10-1703-x64

IDA Pro 8....rm.dll

windows10-1703-x64

IDA Pro 8....64.dll

windows10-1703-x64

IDA Pro 8....ing.py

windows10-1703-x64

IDA Pro 8....t__.py

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....ons.py

windows10-1703-x64

IDA Pro 8....asm.py

windows10-1703-x64

IDA Pro 8....ore.py

windows10-1703-x64

IDA Pro 8....ons.py

windows10-1703-x64

IDA Pro 8....t__.py

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

IDA Pro 8....38.pyc

windows10-1703-x64

Analysis

max time kernel
134s
max time network
137s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
12-10-2024 17:07

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx industroyer

4 signatures

Behavioral task

behavioral1

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/Auto-WPeGPT_WPeace/Auto_WPeGPT.py

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/Auto-WPeGPT_WPeace/__pycache__/Auto_WPeGPT.cpython-38.pyc

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

IDA Pro 8.3 (x86_ x86_64) additional by QiuChenly/plugins/IDA_Signsrch.dll

Resource

win10-20240611-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

IDA Pro 8.3 (x86_ x86_64) additional by QiuChenly/plugins/IDA_Signsrch64.dll

Resource

win10-20240404-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/LazyIDA.py

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

IDA Pro 8.3 (x86_ x86_64) additional by QiuChenly/plugins/OllyDumpEx_IdaRT.dll

Resource

win10-20240404-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

IDA Pro 8.3 (x86_ x86_64) additional by QiuChenly/plugins/OllyDumpEx_IdaRT64.dll

Resource

win10-20240404-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

IDA Pro 8.3 (x86_ x86_64) additional by QiuChenly/plugins/StrongCC.dll

Resource

win10-20240404-en

upx

windows10-1703-x64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

IDA Pro 8.3 (x86_ x86_64) additional by QiuChenly/plugins/StrongCC_x64.dll

Resource

win10-20240404-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/WPeChatGPT.py

Resource

win10-20240404-en

windows10-1703-x64

4 signatures

150 seconds

Behavioral task

behavioral11

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/auto_re.py

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

IDA Pro 8.3 (x86_ x86_64) additional by QiuChenly/plugins/hexarm.dll

Resource

win10-20240404-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

IDA Pro 8.3 (x86_ x86_64) additional by QiuChenly/plugins/hexarm64.dll

Resource

win10-20240611-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching.py

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/__init__.py

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/__pycache__/__init__.cpython-38.pyc

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/__pycache__/actions.cpython-38.pyc

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral18

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/__pycache__/asm.cpython-38.pyc

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/__pycache__/core.cpython-38.pyc

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral20

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/__pycache__/exceptions.cpython-38.pyc

Resource

win10-20240611-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/actions.py

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral22

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/asm.py

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/core.py

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral24

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/exceptions.py

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral25

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/keystone/__init__.py

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral26

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/keystone/__pycache__/__init__.cpython-38.pyc

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/keystone/__pycache__/arm64_const.cpython-38.pyc

Resource

win10-20240611-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral28

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/keystone/__pycache__/arm_const.cpython-38.pyc

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral29

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/keystone/__pycache__/evm_const.cpython-38.pyc

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral30

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/keystone/__pycache__/hexagon_const.cpython-38.pyc

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/keystone/__pycache__/keystone.cpython-38.pyc

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral32

Sample

IDA Pro 8.3 (x86, x86_64) additional by QiuChenly/plugins/patching/keystone/__pycache__/keystone_const.cpython-38.pyc

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

150 seconds

Report Analysis Logs

General

Target

IDA Pro 8.3 (x86_ x86_64) additional by QiuChenly/plugins/StrongCC.dll
Size

57KB
MD5

7c05c6a3e2df4e45c410cc16bbb44ccf
SHA1

91c349e223f7af91c40f47a53ec00fda9eb482fd
SHA256

34435722c216f429394a48e13232fc3cb65d513856502c5c779f98ffb24be699
SHA512

867127f978c804964033f50cb7bb2ddb7ddc1aa23e75cb166d9f5b78554031c3892e407b4096d4633f48214050342901a197130a2aeb80cc4e9a17d3cacedc27
SSDEEP

1536:RyHrUzyOb2b8q0V31kjRL3sH4EH97+we1g0H3Upihukl:6ru2b8RaFLsHR97+B1g23o

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
behavioral8/memory/4144-0-0x00007FFD6DF50000-0x00007FFD6DF77000-memory.dmp	upx

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\IDA Pro 8.3 (x86_ x86_64) additional by QiuChenly\plugins\StrongCC.dll",#1
1⤵
PID:4144

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4144-0-0x00007FFD6DF50000-0x00007FFD6DF77000-memory.dmp

Filesize
156KB

Download