Analysis
max time kernel: 68s
max time network: 7s
platform: windows7_x64
resource: win7-en-20210920
submitted: 22-09-2021 11:15
Static task: static1
Behavioral task: behavioral1
Sample: free bobux.exe
Resource: win7-en-20210920
General
Target: free bobux.exe
Size: 63.9MB
MD5: c0c9e2fe7c9b46921faa12af25e1d894
SHA1: 96b810fe24c0e3bfc3e2dc5119bd5c000511084f
SHA256: 35636874ce9ff3e75f87c4eb62e1cf6223b58f0aa5b86b529caf0a07862c86d1
SHA512: 125ac86ac06d95baa38239e792ce7860c6505926f926228d2e96ebfdb193cf85802e608b41f6cb8e9280ecaea60eb28de53b5d02cf34c4042fe2ca0761df50b5
Malware Config
Signatures
Loads dropped DLL (1 IoCs)
Processes: free bobux.exe
pid | process
1132 | free bobux.exe

Suspicious use of WriteProcessMemory (3 IoCs)
Processes: free bobux.exe
description | pid | process | target process
PID 2004 wrote to memory of 1132 | 2004 | free bobux.exe | free bobux.exe
PID 2004 wrote to memory of 1132 | 2004 | free bobux.exe | free bobux.exe
PID 2004 wrote to memory of 1132 | 2004 | free bobux.exe | free bobux.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Local\Temp\_MEI20042\python39.dll
MD5: 7e9d14aa762a46bb5ebac14fbaeaa238
SHA1: a5d90a7df9b90bdd8a84d7dc5066e4ea64ceb3d9
SHA256: e456ef44b261f895a01efb52d26c7a0c7d7d465b647a7b5592708ebf693f12a3
SHA512: 280f16348df1c0953bbc6f37ff277485351171d0545ebe469bacd106d907917f87584154aec0f193f37322bc93ac5433cd9a5b5c7f47367176e5a8b19bbd5023

\Users\Admin\AppData\Local\Temp\_MEI20042\python39.dll
MD5: 7e9d14aa762a46bb5ebac14fbaeaa238
SHA1: a5d90a7df9b90bdd8a84d7dc5066e4ea64ceb3d9
SHA256: e456ef44b261f895a01efb52d26c7a0c7d7d465b647a7b5592708ebf693f12a3
SHA512: 280f16348df1c0953bbc6f37ff277485351171d0545ebe469bacd106d907917f87584154aec0f193f37322bc93ac5433cd9a5b5c7f47367176e5a8b19bbd5023

memory/1132-53-0x0000000000000000-mapping.dmp