Analysis
max time kernel: 121s
max time network: 124s
platform: windows7_x64
resource: win7-en-20211014
submitted: 22-10-2021 07:35
Static task: static1
Behavioral task: behavioral1
Sample: seraph.exe
Resource: win7-en-20211014
General
Target: seraph.exe
Size: 8.3MB
MD5: 827db2567095ca4df839c873d1b2db2a
SHA1: b8f13a2accee2f7309db6fdda702a397a24ecb65
SHA256: 74529c97adc11d4248f535eaf092d262663d236113284656685881d84f5208df
SHA512: 9637169505572ac2eb2d5c39fabe3877d6497dfd405f209fd871e946ae4e3c636ecdd473a36d1e1ea9c59618f8bfd80656c6219c8049408c5e4edc4672e4894e
Malware Config
Signatures
Loads dropped DLL (1 IoCs)
Processes:
pid   process
568   seraph.exe

Suspicious use of WriteProcessMemory (3 IoCs)
Processes:
description                       pid   process      target process
PID 752 wrote to memory of 568    752   seraph.exe   seraph.exe
PID 752 wrote to memory of 568    752   seraph.exe   seraph.exe
PID 752 wrote to memory of 568    752   seraph.exe   seraph.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
C:\Users\Admin\AppData\Local\Temp\_MEI7522\python39.dll
MD5: 64fde73c54618af1854a51db302192fe
SHA1: c5580dcea411bfed2d969551e8089aab8285a1d8
SHA256: d44753fe884b228da36acb17c879b500aeb0225a38fb7ca142fb046c60b22204
SHA512: a7d368301a27ee07a542e45e9ad27683707979fb198b887b66b523609f69e3327d4b77b7edc988c73a4fe26c44bff3abfcd032a991cd730fd8e0de2dad2e3a06

\Users\Admin\AppData\Local\Temp\_MEI7522\python39.dll
MD5: 64fde73c54618af1854a51db302192fe
SHA1: c5580dcea411bfed2d969551e8089aab8285a1d8
SHA256: d44753fe884b228da36acb17c879b500aeb0225a38fb7ca142fb046c60b22204
SHA512: a7d368301a27ee07a542e45e9ad27683707979fb198b887b66b523609f69e3327d4b77b7edc988c73a4fe26c44bff3abfcd032a991cd730fd8e0de2dad2e3a06

memory/568-55-0x0000000000000000-mapping.dmp