Overview

overview

7

Static

static

3

sims-4-upd...92.exe

windows7-x64

7

sims-4-upd...92.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    30s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    04-02-2023 17:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sims-4-updater-v0.6.92.exe

  • Size

    18.4MB

  • MD5

    c8546be8f76d984509971a5b14b25e44

  • SHA1

    1c2cd66e06443d5c7dfe1275b3fce3cdc5901c99

  • SHA256

    722bf7b2f768acbaf2d1daf83522c76a0d0c2b3307356d5febbc78aa3f2e3a93

  • SHA512

    6ed4dc4f4bee452324593507072f46fad352d06fc24f00c491b881efd4efc6f4f7b06039e215142432a6a9f4af2d16070859b9ad74f1eec0e872734f7894c25a

  • SSDEEP

    393216:XSEInEroX/lh2pWsKkXghq3+d9a14UsdJEI8mmpzkW81/Q9NTR612c:qErUNQpWoBOd9aSUsdJEI8kW81e9RBc

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\sims-4-updater-v0.6.92.exe
    "C:\Users\Admin\AppData\Local\Temp\sims-4-updater-v0.6.92.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1072
    • C:\Users\Admin\AppData\Local\Temp\sims-4-updater-v0.6.92.exe
      "C:\Users\Admin\AppData\Local\Temp\sims-4-updater-v0.6.92.exe"
      2⤵
      • Loads dropped DLL
      PID:1768

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI10722\python310.dll
    Filesize

    4.3MB

    MD5

    316ce972b0104d68847ab38aba3de06a

    SHA1

    ca1e227fd7f1cfb1382102320dadef683213024b

    SHA256

    34f0e44a0d089587e1ea48c1cc4c3164a1819c6db27a7c1b746af46d6388c26e

    SHA512

    a11da6590a71d977c62b1c26c275763413f6a455e6d85fa052654d05d845dbbe8122bbd8e0a23887f9873d4291382ebbd5df19674ad2dda1cf0ff3206054939b

    Download Submit
  • \Users\Admin\AppData\Local\Temp\_MEI10722\python310.dll
    Filesize

    4.3MB

    MD5

    316ce972b0104d68847ab38aba3de06a

    SHA1

    ca1e227fd7f1cfb1382102320dadef683213024b

    SHA256

    34f0e44a0d089587e1ea48c1cc4c3164a1819c6db27a7c1b746af46d6388c26e

    SHA512

    a11da6590a71d977c62b1c26c275763413f6a455e6d85fa052654d05d845dbbe8122bbd8e0a23887f9873d4291382ebbd5df19674ad2dda1cf0ff3206054939b

    Download Submit
  • memory/1072-54-0x000007FEFBF31000-0x000007FEFBF33000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1768-55-0x0000000000000000-mapping.dmp
    Download