Overview

overview

9

Static

static

3

Built.exe

windows7-x64

7

Built.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    28s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    05-05-2023 19:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Built.exe

  • Size

    8.3MB

  • MD5

    a4c269a243996cd114b1a845be66e33d

  • SHA1

    8a60d80e6f737c8adf16f2c2b7dd96d4a89bac70

  • SHA256

    1eaef065ccf25bc893ab3850a98d2d09aca90f4a7bedd5130f8b300060978ff5

  • SHA512

    0dcd88ea6fbdfa2d5960ed5dc6debaff3d45ad1beb1a42d0d0062a5ef26409aaad4fd24f55fa38cf7b99e711b5cad835f9c9a1314af4fc2adbc55007f782a3da

  • SSDEEP

    196608:JUafMj6OjmFK24M6P9BTP4Tn9VyUyFKufc5C:Kaf4KSMIBTPY4cuZ

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Built.exe
    "C:\Users\Admin\AppData\Local\Temp\Built.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:912
    • C:\Users\Admin\AppData\Local\Temp\Built.exe
      "C:\Users\Admin\AppData\Local\Temp\Built.exe"
      2⤵
      • Loads dropped DLL
      PID:880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI9122\python311.dll
    Filesize

    1.6MB

    MD5

    bd41a26e89fc6bc661c53a2d4af35e3e

    SHA1

    8b52f7ab62ddb8c484a7da16efad33ce068635f6

    SHA256

    3cded5180dca1015347fd6ea44dbcc5ddd050adc7adbb99cf2991032320a5359

    SHA512

    b8dafc262d411e1c315754be4901d507893db04ea2d3f4b71cbdd0dab25d27f9274e7faf85ac880c85522d24fa57da06019c5910622003a305914cf8884ad02f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI9122\python311.dll
    Filesize

    1.6MB

    MD5

    bd41a26e89fc6bc661c53a2d4af35e3e

    SHA1

    8b52f7ab62ddb8c484a7da16efad33ce068635f6

    SHA256

    3cded5180dca1015347fd6ea44dbcc5ddd050adc7adbb99cf2991032320a5359

    SHA512

    b8dafc262d411e1c315754be4901d507893db04ea2d3f4b71cbdd0dab25d27f9274e7faf85ac880c85522d24fa57da06019c5910622003a305914cf8884ad02f

    Download Submit

  • memory/880-82-0x000007FEF5D90000-0x000007FEF6379000-memory.dmp

    Filesize

    5.9MB

    Download