Overview

overview

8

Static

static

3

Ceievel.exe

windows7-x64

8

Ceievel.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    42s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29-09-2022 00:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Ceievel.exe

  • Size

    18.7MB

  • MD5

    8fe57d59c821fec0c1358c57d3e6e0d5

  • SHA1

    d9c2d9e5d829013798ea42dd29d0f174e1ddd181

  • SHA256

    d9733cebf8c59a84be5d96da2ca06ae185069a9d219478000c0e8c5909ccea4a

  • SHA512

    9c3e505c09a86469105c1e0e013383433663d72ab265011e21fcb249833d806bbd8704916ca5f48b28a9a82c491b69fa5b27fd5e1c84f8f9c472aa576bcc7172

  • SSDEEP

    393216:0S6mhw3e/m3pfCTnbtX1JFrMxRrHtZ9/Lg1rUfolv:0SdhdKMtXPFGZ9/k1rUfev

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Ceievel.exe
    "C:\Users\Admin\AppData\Local\Temp\Ceievel.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1572
    • C:\Users\Admin\AppData\Local\Temp\Ceievel.exe
      "C:\Users\Admin\AppData\Local\Temp\Ceievel.exe"
      2⤵
      • Loads dropped DLL
      PID:1648

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI15722\python310.dll
    Filesize

    1.4MB

    MD5

    99cb804abc9a8f4cb8d08d77e515dcb7

    SHA1

    0d833cb729f3d5c845491b61b47018c82065f4ad

    SHA256

    8d23914f6eaa371f2e0c15816c7ab62573d428e750d1bbcd9a07498264d7d240

    SHA512

    43252d45803957ba79d42afdd12b956c3b829c9b00a78199c35e3eeb863d8c56f4f0b467faae227b7c058f59a3f11152f670090e2212eb6a2837378bca53ac82

    Download Submit
  • \Users\Admin\AppData\Local\Temp\_MEI15722\python310.dll
    Filesize

    1.4MB

    MD5

    99cb804abc9a8f4cb8d08d77e515dcb7

    SHA1

    0d833cb729f3d5c845491b61b47018c82065f4ad

    SHA256

    8d23914f6eaa371f2e0c15816c7ab62573d428e750d1bbcd9a07498264d7d240

    SHA512

    43252d45803957ba79d42afdd12b956c3b829c9b00a78199c35e3eeb863d8c56f4f0b467faae227b7c058f59a3f11152f670090e2212eb6a2837378bca53ac82

    Download Submit
  • memory/1572-54-0x000007FEFBD81000-0x000007FEFBD83000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1648-55-0x0000000000000000-mapping.dmp
    Download
  • memory/1648-59-0x000007FEF6170000-0x000007FEF65D4000-memory.dmp
    Filesize

    4.4MB

    Download
  • memory/1648-60-0x000007FEF6170000-0x000007FEF65D4000-memory.dmp
    Filesize

    4.4MB

    Download