Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

C:\Users\user\Desktop\USB-DRIVERS-ALL-11-14-13.exe

"C:\Users\user\Desktop\USB-DRIVERS-ALL-11-14-13.exe"

Details

Is windows:	false
Is dropped:	false
PID:	6848
Target ID:	0
Parent PID:	1028
Name:	USB-DRIVERS-ALL-11-14-13.exe
Path:	C:\Users\user\Desktop\USB-DRIVERS-ALL-11-14-13.exe
Commandline:	"C:\Users\user\Desktop\USB-DRIVERS-ALL-11-14-13.exe"
Size:	7715840
MD5:	0CC5D1C6EB22A1C08FF1BF65C7802F32
Time:	15:36:41
Date:	31/10/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x8c0000
Modulesize:	7749632
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
OS version to string mapping found (often used in BOTs)	Stealing of Sensitive Information
PE file contains executable resources (Code or Archives)	System Summary
PE file contains sections with non-standard names	Data Obfuscation
Uses 32bit PE files	Compliance, System Summary
PE file has an executable .text section and no other executable section	System Summary
Sample reads its own file content	System Summary
URLs found in memory or binary data	Networking
PE file contains a valid data directory to section mapping	System Summary
Contains modern PE file flags such as dynamic base (ASLR) or NX	Compliance, System Summary
PE file has a big raw section	System Summary
Submission file is bigger than most known malware samples	System Summary

URLs

Name

Malicious

http://www.winzip.com

unknown

http://nsis.sf.net/NSIS_Error

unknown

http://nsis.sf.net/NSIS_ErrorError

unknown

Memdumps

Base Address

Regiontype

Protect

Malicious

8D7000

unkown

page readonly

1282000

heap

page read and write

1271000

heap

page read and write

1219000

heap

page read and write

1272000

heap

page read and write

1272000

heap

page read and write

121A000

heap

page read and write

1195000

heap

page read and write

122B000

heap

page read and write

1281000

heap

page read and write

125F000

heap

page read and write

1263000

heap

page read and write

13C0000

heap

page read and write

1282000

heap

page read and write

1251000

heap

page read and write

1272000

heap

page read and write

54C0000

heap

page read and write

121A000

heap

page read and write

1263000

heap

page read and write

1190000

heap

page read and write

8A0000

heap

page read and write

1219000

heap

page read and write

3D4D000

stack

page read and write

125E000

heap

page read and write

1216000

heap

page read and write

8E3000

unkown

page readonly

1239000

heap

page read and write

1283000

heap

page read and write

3DB0000

trusted library allocation

page read and write

8C0000

unkown

page readonly

8C0000

unkown

page readonly

1216000

heap

page read and write

125E000

heap

page read and write

3C6E000

stack

page read and write

1281000

heap

page read and write

122B000

heap

page read and write

54D0000

heap

page read and write

1261000

heap

page read and write

122B000

heap

page read and write

1272000

heap

page read and write

125E000

heap

page read and write

5020000

heap

page read and write

1210000

heap

page read and write

121A000

heap

page read and write

121A000

heap

page read and write

1219000

heap

page read and write

1282000

heap

page read and write

1219000

heap

page read and write

1140000

heap

page read and write

1420000

heap

page read and write

1320000

heap

page read and write

5F8000

stack

page read and write

122B000

heap

page read and write

1272000

heap

page read and write

3D3C000

stack

page read and write

1228000

heap

page read and write

122B000

heap

page read and write

8D1000

unkown

page read and write

1282000

heap

page read and write

1270000

heap

page read and write

2C84000

heap

page read and write

1282000

heap

page read and write

122B000

heap

page read and write

3CBE000

stack

page read and write

1239000

heap

page read and write

3CCC000

stack

page read and write

1281000

heap

page read and write

1215000

heap

page read and write

1228000

heap

page read and write

125E000

heap

page read and write

11A0000

heap

page read and write

1263000

heap

page read and write

8E3000

unkown

page readonly

8D1000

unkown

page write copy

8D7000

unkown

page readonly

1228000

heap

page read and write

125E000

heap

page read and write

8B0000

heap

page read and write

2C80000

heap

page read and write

122B000

heap

page read and write

122B000

heap

page read and write

1251000

heap

page read and write

122B000

heap

page read and write

1251000

heap

page read and write

1429000

heap

page read and write

1203000

heap

page read and write

3C1E000

stack

page read and write

122B000

heap

page read and write

1206000

heap

page read and write

1251000

heap

page read and write

1281000

heap

page read and write

1271000

heap

page read and write

1272000

heap

page read and write

1251000

heap

page read and write

1216000

heap

page read and write

125E000

heap

page read and write

1272000

heap

page read and write

1272000

heap

page read and write

1425000

heap

page read and write

1263000

heap

page read and write

838000

stack

page read and write

1272000

heap

page read and write

11EB000

heap

page read and write

3C2F000

stack

page read and write

1282000

heap

page read and write

122B000

heap

page read and write

13B0000

heap

page read and write

1215000

heap

page read and write

122B000

heap

page read and write

125F000

heap

page read and write

1263000

heap

page read and write

1272000

heap

page read and write

1239000

heap

page read and write

3C7E000

stack

page read and write

122B000

heap

page read and write

8C1000

unkown

page execute read

11C4000

heap

page read and write

1282000

heap

page read and write

1239000

heap

page read and write

1282000

heap

page read and write

1219000

heap

page read and write

1239000

heap

page read and write

122B000

heap

page read and write

13F0000

heap

page read and write

1272000

heap

page read and write

125E000

heap

page read and write

1251000

heap

page read and write

1272000

heap

page read and write

1239000

heap

page read and write

1219000

heap

page read and write

1272000

heap

page read and write

8CE000

unkown

page readonly

1120000

unkown

page read and write

1272000

heap

page read and write

11A4000

heap

page read and write

8C1000

unkown

page execute read

1216000

heap

page read and write

1219000

heap

page read and write

8CE000

unkown

page readonly

1263000

heap

page read and write

1263000

heap

page read and write

1251000

heap

page read and write

11AC000

heap

page read and write

122B000

heap

page read and write

30C0000

trusted library allocation

page read and write

There are 135 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
USB-DRIVERS-ALL-11-14-13.exe

Processes

URLs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportUSB-DRIVERS-ALL-11-14-13.exe

Processes

URLs

Memdumps

IOC Report
USB-DRIVERS-ALL-11-14-13.exe