Overview

overview

10

Static

static

3

UB.GG Spoo...us.exe

windows7-x64

7

UB.GG Spoo...us.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15/03/2025, 13:29 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UB.GG Spoofer Cracked by Exodus.exe

  • Size

    34.0MB

  • MD5

    98838ee393c8607539e1774c5d6e3318

  • SHA1

    e90886e0a49d11ae38eaf48671b2a17a822eaf3f

  • SHA256

    7d0e9c05b116984f6a7cee2970b40cf883e6e9510cd4d18fa55aa2efe53396de

  • SHA512

    020a3745295e008dfd591172f52815802a787bfdd8197ea26591a2c4e328baa1a9e88701895d0096133c86fb5556aebd1bff516243024bac8d02f37b0f5d3bf4

  • SSDEEP

    196608:30qKAiLknqkPYeveN4+wfm/pf+xfdkRq8xKpr2WOHWKD3ueH:h6SM4+9/pWFGR30pr2W673BH

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\UB.GG Spoofer Cracked by Exodus.exe
    "C:\Users\Admin\AppData\Local\Temp\UB.GG Spoofer Cracked by Exodus.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Users\Admin\AppData\Local\Temp\UB.GG Spoofer Cracked by Exodus.exe
      "C:\Users\Admin\AppData\Local\Temp\UB.GG Spoofer Cracked by Exodus.exe"
      2⤵
      • Loads dropped DLL
      PID:2756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI20082\python311.dll
    Filesize

    1.6MB

    MD5

    db09c9bbec6134db1766d369c339a0a1

    SHA1

    c156d9f2d0e80b4cf41794cd9b8b1e8a352e0a0b

    SHA256

    b1aac1e461174bbae952434e4dac092590d72b9832a04457c94bd9bb7ee8ad79

    SHA512

    653a7fff6a2b6bffb9ea2c0b72ddb83c9c53d555e798eea47101b0d932358180a01af2b9dab9c27723057439c1eaffb8d84b9b41f6f9cd1c3c934f1794104d45

    Download Submit

  • memory/2756-48-0x000007FEF5790000-0x000007FEF5D78000-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2756-49-0x000007FEF5790000-0x000007FEF5D78000-memory.dmp

    Filesize

    5.9MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.