Overview

overview

10

Static

static

10

08751be484...2d.dll

windows11-21h2-x64

10

0a9f79abd4...51.exe

windows11-21h2-x64

3

0di3x.exe

windows11-21h2-x64

10

2019-09-02...10.exe

windows11-21h2-x64

10

2c01b00772...eb.exe

windows11-21h2-x64

10

31.exe

windows11-21h2-x64

10

3DMark 11 ...on.exe

windows11-21h2-x64

3

42f9729255...61.exe

windows11-21h2-x64

10

5da0116af4...18.exe

windows11-21h2-x64

5

69c56d12ed...6b.exe

windows11-21h2-x64

905d572f23...50.exe

windows11-21h2-x64

10

948340be97...54.exe

windows11-21h2-x64

10

95560f1a46...f9.dll

windows11-21h2-x64

5

Archive.zi...3e.exe

windows11-21h2-x64

7

DiskIntern...en.exe

windows11-21h2-x64

3

ForceOp 2....ce.exe

windows11-21h2-x64

7

HYDRA.exe

windows11-21h2-x64

10

KLwC6vii.exe

windows11-21h2-x64

1

Keygen.exe

windows11-21h2-x64

10

Lonelyscre...ox.exe

windows11-21h2-x64

3

LtHv0O2KZDK4M637.exe

windows11-21h2-x64

10

Magic_File...ja.exe

windows11-21h2-x64

3

OnlineInstaller.exe

windows11-21h2-x64

8

Remouse.Mi...cg.exe

windows11-21h2-x64

3

SecuriteIn...dE.exe

windows11-21h2-x64

10

SecuriteIn...ee.dll

windows11-21h2-x64

10

SecurityTa...up.exe

windows11-21h2-x64

4

Treasure.V...ox.exe

windows11-21h2-x64

3

VyprVPN.exe

windows11-21h2-x64

10

WSHSetup[1].exe

windows11-21h2-x64

3

Yard.dll

windows11-21h2-x64

10

b2bd3de3e5...2).exe

windows11-21h2-x64

10

Resubmissions

16/04/2025, 11:04

250416-m58gsaz1ay 10

15/04/2025, 17:34

250415-v5ylksypw9 10

15/04/2025, 06:16

250415-g1p7ras1dw 10

14/04/2025, 08:06

250414-jzpwpstxhx 10

14/04/2025, 07:59

250414-jvg1assky4 10

14/04/2025, 07:22

250414-h7g1dss1h1 10

14/04/2025, 07:16

250414-h3xv2s1nv6 10

11/04/2025, 21:39

250411-1h113szzaz 10

Analysis

  • max time kernel
    101s
  • max time network
    216s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250410-en
  • resource tags

    arch:x64arch:x86image:win11-20250410-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    15/04/2025, 06:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5da0116af495e6d8af7241da9b8281d918b9ff9a98a3deab4cca1aec1e456c18.exe

  • Size

    669KB

  • MD5

    ead18f3a909685922d7213714ea9a183

  • SHA1

    1270bd7fd62acc00447b30f066bb23f4745869bf

  • SHA256

    5da0116af495e6d8af7241da9b8281d918b9ff9a98a3deab4cca1aec1e456c18

  • SHA512

    6e532d9c3d186e4dac38823ae9152056346e283613f0caf088b21a1b3e5f4f6cf3bad8c407168b1072895a386e3be0b8c11ad1cb326d3d3ff0eb8562052def91

  • SSDEEP

    6144:bLUHLyHlwFjxDi2nEZkQ4NXxp0XMgkBWPqdN/jGdfYY7SRA7j4YlvfYAAjJ:4uFi02nEZh4jp0XLuxGdgTm73vL

Score
5/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\5da0116af495e6d8af7241da9b8281d918b9ff9a98a3deab4cca1aec1e456c18.exe
    "C:\Users\Admin\AppData\Local\Temp\5da0116af495e6d8af7241da9b8281d918b9ff9a98a3deab4cca1aec1e456c18.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1688
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1688 -s 308
      2⤵
      • Program crash
      PID:3024
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 1688 -ip 1688
    1⤵
      PID:5392

    Network

    MITRE ATT&CK Enterprise v16

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1688-0-0x0000000000400000-0x00000000004A9000-memory.dmp

      Filesize

      676KB

      Download

    • memory/1688-2-0x0000000000730000-0x0000000000830000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1688-3-0x0000000000400000-0x00000000004A9000-memory.dmp

      Filesize

      676KB

      Download