667cb510540d8e7a6cd30007d30a8ca11110dde57bd03d2cbf87ca6b7868bdb9

Submit
Reports

Overview

overview

Static

static

ee5fd05cf5...c3.exe

windows7-x64

ee5fd05cf5...c3.exe

windows10-2004-x64

ee69b74300...91.exe

windows7-x64

ee69b74300...91.exe

windows10-2004-x64

ee907a3b63...42.exe

windows7-x64

ee907a3b63...42.exe

windows10-2004-x64

eea4dcd11b...6f.exe

windows7-x64

eea4dcd11b...6f.exe

windows10-2004-x64

eebe0a35fa...82.exe

windows7-x64

eebe0a35fa...82.exe

windows10-2004-x64

eee37b5af1...b0.exe

windows7-x64

eee37b5af1...b0.exe

windows10-2004-x64

eeeaec4088...b4.exe

windows7-x64

eeeaec4088...b4.exe

windows10-2004-x64

eeffb35d2a...98.exe

windows7-x64

eeffb35d2a...98.exe

windows10-2004-x64

ef1a8eac84...30.exe

windows7-x64

ef1a8eac84...30.exe

windows10-2004-x64

ef5d9dc508...d4.exe

windows7-x64

ef5d9dc508...d4.exe

windows10-2004-x64

ef9c94ed2f...f4.exe

windows7-x64

ef9c94ed2f...f4.exe

windows10-2004-x64

efa0bac8ed...d4.exe

windows7-x64

efa0bac8ed...d4.exe

windows10-2004-x64

efb13a6c7f...aa.exe

windows7-x64

efb13a6c7f...aa.exe

windows10-2004-x64

efbf15e364...42.exe

windows7-x64

efbf15e364...42.exe

windows10-2004-x64

efdcbe8680...47.exe

windows7-x64

efdcbe8680...47.exe

windows10-2004-x64

eff37c0a73...c5.exe

windows7-x64

eff37c0a73...c5.exe

windows10-2004-x64

Analysis

max time kernel
117s
max time network
122s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
22/03/2025, 06:18

Sharing

Copy URL

Twitter E-mail

Static task

static1

8 signatures

Behavioral task

behavioral1

Sample

ee5fd05cf5c85b15681d9d29faed9891e4fb86815f92bb3a816e2c7c191bbcc3.exe

Resource

win7-20240903-en

discovery persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ee5fd05cf5c85b15681d9d29faed9891e4fb86815f92bb3a816e2c7c191bbcc3.exe

Resource

win10v2004-20250314-en

discovery persistence

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral3

Sample

ee69b743006be8b845c65756f0efdb91.exe

Resource

win7-20240903-en

xworm rat trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral4

Sample

ee69b743006be8b845c65756f0efdb91.exe

Resource

win10v2004-20250314-en

xworm rat trojan

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

ee907a3b632b8f170f358fd622afba93c929176f32b3b6db0bc806a8a3cc2e42.exe

Resource

win7-20241023-en

collection credential_access discovery persistence spyware stealer

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral6

Sample

ee907a3b632b8f170f358fd622afba93c929176f32b3b6db0bc806a8a3cc2e42.exe

Resource

win10v2004-20250314-en

collection credential_access discovery persistence spyware stealer

windows10-2004-x64

19 signatures

150 seconds

Behavioral task

behavioral7

Sample

eea4dcd11b7f7e40bb76cc5d43c0246f.exe

Resource

win7-20241023-en

njrat neuf defense_evasion discovery persistence privilege_escalation trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral8

Sample

eea4dcd11b7f7e40bb76cc5d43c0246f.exe

Resource

win10v2004-20250313-en

njrat neuf defense_evasion discovery persistence privilege_escalation trojan

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral9

Sample

eebe0a35fa5791aae284e3ecd38c0682.exe

Resource

win7-20241010-en

metamorpherrat discovery persistence rat stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral10

Sample

eebe0a35fa5791aae284e3ecd38c0682.exe

Resource

win10v2004-20250313-en

metamorpherrat discovery persistence rat stealer trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral11

Sample

eee37b5af157395dc54d091245c04e5be6bbd0ac63101d6016efedaab23afdb0.exe

Resource

win7-20240903-en

dcrat infostealer rat

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral12

Sample

eee37b5af157395dc54d091245c04e5be6bbd0ac63101d6016efedaab23afdb0.exe

Resource

win10v2004-20250314-en

dcrat infostealer rat

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral13

Sample

eeeaec4088574f6dede1eb2751e9a793293ea19c5e2f8a8dd4f470cc593febb4.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

eeeaec4088574f6dede1eb2751e9a793293ea19c5e2f8a8dd4f470cc593febb4.exe

Resource

win10v2004-20250314-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

eeffb35d2a79c3f83ee7c4a4500b1c98.exe

Resource

win7-20240903-en

xred backdoor collection discovery execution persistence spyware stealer

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral16

Sample

eeffb35d2a79c3f83ee7c4a4500b1c98.exe

Resource

win10v2004-20250314-en

xred backdoor collection discovery execution persistence spyware stealer

windows10-2004-x64

24 signatures

150 seconds

Behavioral task

behavioral17

Sample

ef1a8eac84dd9ea2c994351a14b9c6811260e765cb992411c3e4ace9ce289b30.exe

Resource

win7-20240903-en

execution

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral18

Sample

ef1a8eac84dd9ea2c994351a14b9c6811260e765cb992411c3e4ace9ce289b30.exe

Resource

win10v2004-20250314-en

execution

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral19

Sample

ef5d9dc50867f0430aabd8e6696b76d4.exe

Resource

win7-20240903-en

njrat hacked discovery trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral20

Sample

ef5d9dc50867f0430aabd8e6696b76d4.exe

Resource

win10v2004-20250314-en

njrat hacked discovery trojan

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral21

Sample

ef9c94ed2f87a7be79dfaaa427604df4.exe

Resource

win7-20240903-en

dcrat defense_evasion execution infostealer persistence rat trojan

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral22

Sample

ef9c94ed2f87a7be79dfaaa427604df4.exe

Resource

win10v2004-20250314-en

dcrat defense_evasion execution infostealer persistence rat trojan

windows10-2004-x64

23 signatures

150 seconds

Behavioral task

behavioral23

Sample

efa0bac8ed96bc50c4cd73e16850cfd6cf7c6ba23f272d87e534eb7ac250d4d4.exe

Resource

win7-20240729-en

upx

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

efa0bac8ed96bc50c4cd73e16850cfd6cf7c6ba23f272d87e534eb7ac250d4d4.exe

Resource

win10v2004-20250314-en

upx

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

efb13a6c7f3b3923b440d094e7abe8aa.exe

Resource

win7-20241010-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral26

Sample

efb13a6c7f3b3923b440d094e7abe8aa.exe

Resource

win10v2004-20250314-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral27

Sample

efbf15e364864659166a08e05a57ab9442dff6c9ae950a3171de120c49dd0542.exe

Resource

win7-20240903-en

defense_evasion discovery

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral28

Sample

efbf15e364864659166a08e05a57ab9442dff6c9ae950a3171de120c49dd0542.exe

Resource

win10v2004-20250314-en

defense_evasion discovery

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral29

Sample

efdcbe8680cf18754cb9d1895a148647.exe

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral30

Sample

efdcbe8680cf18754cb9d1895a148647.exe

Resource

win10v2004-20250314-en

discovery

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral31

Sample

eff37c0a73a6e26dacdcb0ed3001e2c5.exe

Resource

win7-20250207-en

xworm execution persistence rat trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral32

Sample

eff37c0a73a6e26dacdcb0ed3001e2c5.exe

Resource

win10v2004-20250314-en

xworm execution persistence rat trojan

windows10-2004-x64

14 signatures

150 seconds

Report Analysis Logs

General

Target

efa0bac8ed96bc50c4cd73e16850cfd6cf7c6ba23f272d87e534eb7ac250d4d4.exe
Size

19.1MB
MD5

77cb754c49c66714567918e2b77ba85b
SHA1

13e4c54ac8a9fd69ad5d2e832d53be563208f72d
SHA256

efa0bac8ed96bc50c4cd73e16850cfd6cf7c6ba23f272d87e534eb7ac250d4d4
SHA512

001feeddb93d1979f188b4d989116e926e7169a1fead041b3830cf86760f7b0e7e90fb0dc4170af8673a7455de65c971e530334e2de920e07a70f828c57d4bf8
SSDEEP

393216:mdesClDlJTOtTLpQONm5v0NDktFGjTPE8SFYm6Tshrq1zaXu419VCIF:md4ZO9aONm5v0NQWj4lXmFa+419VCIF

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral23/memory/576-1-0x00000000001B0000-0x00000000014D8000-memory.dmp	upx

Processes

C:\Users\Admin\AppData\Local\Temp\efa0bac8ed96bc50c4cd73e16850cfd6cf7c6ba23f272d87e534eb7ac250d4d4.exe
"C:\Users\Admin\AppData\Local\Temp\efa0bac8ed96bc50c4cd73e16850cfd6cf7c6ba23f272d87e534eb7ac250d4d4.exe"
1⤵
PID:576

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/576-0-0x000007FEF57F3000-0x000007FEF57F4000-memory.dmp

Filesize
4KB

Download
memory/576-1-0x00000000001B0000-0x00000000014D8000-memory.dmp

Filesize
19.2MB

Download
memory/576-2-0x000007FEF57F0000-0x000007FEF61DC000-memory.dmp

Filesize
9.9MB

Download
memory/576-3-0x000000001D690000-0x000000001E948000-memory.dmp

Filesize
18.7MB

Download
memory/576-4-0x000007FEF57F0000-0x000007FEF61DC000-memory.dmp

Filesize
9.9MB

Download