Overview

overview

7

Static

static

3

LoaderFixer.exe

windows7-x64

7

LoaderFixer.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    30s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    05-02-2023 05:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LoaderFixer.exe

  • Size

    17.7MB

  • MD5

    a518234ee9320307559770be505c5da3

  • SHA1

    c58f1d5c9718bc340fb3f2a270a9200db29ac339

  • SHA256

    d68af7d58d8514cebc01250af1c0fcdeb6142df3320ff34e48280d56d6af37f8

  • SHA512

    c89dc340920688af1eb2227bec7a0d7b6d935536b1276cbfb615bcdff1cef5f0089261c9d73b33108494f65cf351ac8e82439466db94a311f8247dde2f4f2659

  • SSDEEP

    393216:Lu7L/dWBb+4hQenSyY+k4tOJCEDd/m3pCZkVRiEFT7bfIGy:LCL0N+4XY4tuCEDdKCZkVRiS7kT

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\LoaderFixer.exe
    "C:\Users\Admin\AppData\Local\Temp\LoaderFixer.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1400
    • C:\Users\Admin\AppData\Local\Temp\LoaderFixer.exe
      "C:\Users\Admin\AppData\Local\Temp\LoaderFixer.exe"
      2⤵
      • Loads dropped DLL
      PID:1184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI14002\python39.dll
    Filesize

    4.3MB

    MD5

    5cd203d356a77646856341a0c9135fc6

    SHA1

    a1f4ac5cc2f5ecb075b3d0129e620784814a48f7

    SHA256

    a56afcf5f3a72769c77c3bc43c9b84197180a8b3380b6258073223bfd72ed47a

    SHA512

    390008d57fa711d7c88b77937bf16fdb230e7c1e7182faea6d7c206e9f65ced6f2e835f9da9befb941e80624abe45875602e0e7ad485d9a009d2450a2a0e0f1f

    Download Submit
  • \Users\Admin\AppData\Local\Temp\_MEI14002\python39.dll
    Filesize

    4.3MB

    MD5

    5cd203d356a77646856341a0c9135fc6

    SHA1

    a1f4ac5cc2f5ecb075b3d0129e620784814a48f7

    SHA256

    a56afcf5f3a72769c77c3bc43c9b84197180a8b3380b6258073223bfd72ed47a

    SHA512

    390008d57fa711d7c88b77937bf16fdb230e7c1e7182faea6d7c206e9f65ced6f2e835f9da9befb941e80624abe45875602e0e7ad485d9a009d2450a2a0e0f1f

    Download Submit
  • memory/1184-55-0x0000000000000000-mapping.dmp
    Download
  • memory/1400-54-0x000007FEFC1E1000-0x000007FEFC1E3000-memory.dmp
    Filesize

    8KB

    Download