Overview

overview

10

Static

static

3

4afbc363.exe

windows7-x64

7

4afbc363.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    26s
  • max time network
    32s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    04-07-2023 08:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4afbc363.exe

  • Size

    10.9MB

  • MD5

    7a94e3afa9b82ddc73184ee0349fc022

  • SHA1

    47cf0b7e2848f74b71478cbb80dd2eb338fd3181

  • SHA256

    15ef1811e340b32689a63154839dc7585f4fdc4acc7a2433a57c3f3b3c0763ff

  • SHA512

    f591e2ad88b3646007182b135764da0a7de2045ed139094c3ebf8e4e353e319d608e9bc36bcdc1dd6b291ec717f50eae4e9efa10829d49b49ba0db3a18c7b3ac

  • SSDEEP

    196608:yaLaAXcHL2Vmd6+DTrLZy7YM30Lzajk/1q3+dgSXpAmA0W8/LaVr0KVQT:ZxcHL2Vmd6mT0Gzajaq3+d9XSmHW8g0N

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4afbc363.exe
    "C:\Users\Admin\AppData\Local\Temp\4afbc363.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2056
    • C:\Users\Admin\AppData\Local\Temp\4afbc363.exe
      "C:\Users\Admin\AppData\Local\Temp\4afbc363.exe"
      2⤵
      • Loads dropped DLL
      PID:548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI20562\python39.dll
    Filesize

    4.3MB

    MD5

    2135da9f78a8ef80850fa582df2c7239

    SHA1

    aac6ad3054de6566851cae75215bdeda607821c4

    SHA256

    324963a39b8fd045ff634bb3271508dab5098b4d99e85e7648d0b47c32dc85c3

    SHA512

    423b03990d6aa9375ce10e6b62ffdb7e1e2f20a62d248aac822eb9d973ae2bf35deddd2550a4a0e17c51ad9f1e4f86443ca8f94050e0986daa345d30181a2369

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI20562\python39.dll
    Filesize

    4.3MB

    MD5

    2135da9f78a8ef80850fa582df2c7239

    SHA1

    aac6ad3054de6566851cae75215bdeda607821c4

    SHA256

    324963a39b8fd045ff634bb3271508dab5098b4d99e85e7648d0b47c32dc85c3

    SHA512

    423b03990d6aa9375ce10e6b62ffdb7e1e2f20a62d248aac822eb9d973ae2bf35deddd2550a4a0e17c51ad9f1e4f86443ca8f94050e0986daa345d30181a2369

    Download Submit