Overview

overview

8

Static

static

3

main.exe

windows7-x64

8

main.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    42s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    25-11-2022 15:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    main.exe

  • Size

    14.8MB

  • MD5

    193ed38bf4001a0796210f6c90a25891

  • SHA1

    8294acd20d7a869eefa39846d651afe1f7679f20

  • SHA256

    b2773d8389fb0cdef95484b3744dc38576d743fa6d81d6f2b74c936f81e67b25

  • SHA512

    d5e612801785aa34bfa1643152b16e2a892ecda06c7b5fcc0519d61cbf701afea3e4982bc4c5ef0fc0983b18184950beb365951811c10a835399622850bcb68b

  • SSDEEP

    196608:EUa01+o/IFOeNeNJm3AqxInY7/sWBuIyv8ldf5O/qtNdpfnT8obK9:/+oue/m3pxIusWbyv8l55OMpnT8obK

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\main.exe
    "C:\Users\Admin\AppData\Local\Temp\main.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1096
    • C:\Users\Admin\AppData\Local\Temp\main.exe
      "C:\Users\Admin\AppData\Local\Temp\main.exe"
      2⤵
      • Loads dropped DLL
      PID:1584

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI10962\python310.dll
    Filesize

    1.4MB

    MD5

    92c544ea3dbb71aab0c46bcc4e91f960

    SHA1

    4169bb18e4ab8aaa7e425c4a8aca74d934691572

    SHA256

    ea8a7abde9818aee90b6971e777ee00088d99061d0f1ad16f10e5e121309b27c

    SHA512

    672cc3d6dba1fa419de0592f37ecbca2ea779b7d635165c831bc5f21cfa422bbf92af0429ce4f845bd6e484152727ea46cdc3fe1aa56e044fc395d3524a7642f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI10962\python310.dll
    Filesize

    1.4MB

    MD5

    92c544ea3dbb71aab0c46bcc4e91f960

    SHA1

    4169bb18e4ab8aaa7e425c4a8aca74d934691572

    SHA256

    ea8a7abde9818aee90b6971e777ee00088d99061d0f1ad16f10e5e121309b27c

    SHA512

    672cc3d6dba1fa419de0592f37ecbca2ea779b7d635165c831bc5f21cfa422bbf92af0429ce4f845bd6e484152727ea46cdc3fe1aa56e044fc395d3524a7642f

    Download Submit

  • memory/1096-54-0x000007FEFBE11000-0x000007FEFBE13000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1584-59-0x000007FEF6270000-0x000007FEF66DE000-memory.dmp

    Filesize

    4.4MB

    Download