Overview

overview

10

Static

static

3

80a8531daf...76.exe

windows7-x64

10

80a8531daf...76.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29-01-2024 19:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    80a8531daf154b945db7f38de40a8976.exe

  • Size

    12KB

  • MD5

    80a8531daf154b945db7f38de40a8976

  • SHA1

    220ee5a1f816ff477621758f1282efa973fc484b

  • SHA256

    1a875b277b6d3c8cbd10c655f583d79bcb0819ac3e1d936fada5ee3d0b43b5fe

  • SHA512

    2c0ecdbae4c25f7fccc25e867db9969350e8a191c175865b3bbf060deb32d2801507396ba9598341dc614d87a5ee70522e5b8dbd61ca5436df8905d279eeeb31

  • SSDEEP

    384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjKhYjlylMeyye37DyQ:v+dAURFxna4QAPQlYghmlylMeyye3/yQ

Score
10/10
upatredownloader

Malware Config

Signatures

  • Upatre

    Upatre is a generic malware downloader.

    downloaderupatre
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\80a8531daf154b945db7f38de40a8976.exe
    "C:\Users\Admin\AppData\Local\Temp\80a8531daf154b945db7f38de40a8976.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:3048
    • C:\Users\Admin\AppData\Local\Temp\szgfw.exe
      "C:\Users\Admin\AppData\Local\Temp\szgfw.exe"
      2⤵
      • Executes dropped EXE
      PID:2948

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\szgfw.exe
    Filesize

    12KB

    MD5

    257641ff443322cc95dcd47c6d93f664

    SHA1

    ea0ecee00fb43f7ac1e53cbc060064790a166817

    SHA256

    d776c8feacded35cba94281b07a2949cc07d8acff91cf556be0815cc6e54edb7

    SHA512

    cea4b7478177ec6e54a0b20b55934763f394ec38e52d74de46d676d6d7c53d0070badd51061b02575105b20f9541bfffb6a5f5f7d7af5a333924fef98ac3b3ce

    Download Submit