Analysis
max time kernel: 63s
max time network: 101s
platform: windows7_x64
resource: win7-en-20210920
submitted: 21-10-2021 23:23
Static task: static1
Behavioral task: behavioral1
Sample: main.exe
Resource: win7-en-20210920
General
Target: main.exe
Size: 29.6MB
MD5: 3344c077b5b2b67532a71d0a2ccdd1e2
SHA1: 6b940b7557d96c16212bb08113c4cc9adbd5c009
SHA256: 089b3975338c69d1c8ae96cec13328459e8208c7cf9c88ce98896b90697c140b
SHA512: ce5c62057224146c77290c7531c1e64a592efc8933f9e15bd87fb1ec31ce4a9056e2b3af27fd0a4780f996b368dc3826a056d7ad19c68d60379138eb6370ab58
Signatures
Loads dropped DLL (1 IoCs)
Processes: main.exe
pid | process
1644 | main.exe
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: main.exe
description | pid | process | target process
PID 472 wrote to memory of 1644 | 472 | main.exe | main.exe
PID 472 wrote to memory of 1644 | 472 | main.exe | main.exe
PID 472 wrote to memory of 1644 | 472 | main.exe | main.exe
Downloads
C:\Users\Admin\AppData\Local\Temp\_MEI4722\python39.dll
MD5: 7e9d14aa762a46bb5ebac14fbaeaa238
SHA1: a5d90a7df9b90bdd8a84d7dc5066e4ea64ceb3d9
SHA256: e456ef44b261f895a01efb52d26c7a0c7d7d465b647a7b5592708ebf693f12a3
SHA512: 280f16348df1c0953bbc6f37ff277485351171d0545ebe469bacd106d907917f87584154aec0f193f37322bc93ac5433cd9a5b5c7f47367176e5a8b19bbd5023
\Users\Admin\AppData\Local\Temp\_MEI4722\python39.dll
MD5: 7e9d14aa762a46bb5ebac14fbaeaa238
SHA1: a5d90a7df9b90bdd8a84d7dc5066e4ea64ceb3d9
SHA256: e456ef44b261f895a01efb52d26c7a0c7d7d465b647a7b5592708ebf693f12a3
SHA512: 280f16348df1c0953bbc6f37ff277485351171d0545ebe469bacd106d907917f87584154aec0f193f37322bc93ac5433cd9a5b5c7f47367176e5a8b19bbd5023
memory/1644-54-0x0000000000000000-mapping.dmp