Overview

overview

7

Static

static

3

Loader.exe

windows7-x64

7

Loader.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    25s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7-20230703-de
  • resource tags

    arch:x64arch:x86image:win7-20230703-delocale:de-deos:windows7-x64systemwindows
  • submitted
    10/07/2023, 17:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Loader.exe

  • Size

    19.2MB

  • MD5

    0695a94a3a1226b068b05138a644faa3

  • SHA1

    bdf051ee0975cc05b5081933b0f2cb1eb727fa0b

  • SHA256

    fe83ebd44d2248dfe21ca0c84a742b3e6b75f41d01727a0263b3961b4c55702a

  • SHA512

    ca180f319ba2e49478a82222226cf0b4b832608a911a37286dc610b7c96b54860acfead727183e742dd6bd2f8f0475ea5482b96669ad44fcb91d9d74ce3fba18

  • SSDEEP

    393216:0xAlnnafrVzeeuXK9Q+MMIBvPzj8yzd0zd8V:JlnCMtK9QTMsPHtF

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Loader.exe
    "C:\Users\Admin\AppData\Local\Temp\Loader.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1480
    • C:\Users\Admin\AppData\Local\Temp\Loader.exe
      "C:\Users\Admin\AppData\Local\Temp\Loader.exe"
      2⤵
      • Loads dropped DLL
      PID:1792

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI14802\python311.dll
          Filesize

          1.6MB

          MD5

          bd41a26e89fc6bc661c53a2d4af35e3e

          SHA1

          8b52f7ab62ddb8c484a7da16efad33ce068635f6

          SHA256

          3cded5180dca1015347fd6ea44dbcc5ddd050adc7adbb99cf2991032320a5359

          SHA512

          b8dafc262d411e1c315754be4901d507893db04ea2d3f4b71cbdd0dab25d27f9274e7faf85ac880c85522d24fa57da06019c5910622003a305914cf8884ad02f

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI14802\python311.dll
          Filesize

          1.6MB

          MD5

          bd41a26e89fc6bc661c53a2d4af35e3e

          SHA1

          8b52f7ab62ddb8c484a7da16efad33ce068635f6

          SHA256

          3cded5180dca1015347fd6ea44dbcc5ddd050adc7adbb99cf2991032320a5359

          SHA512

          b8dafc262d411e1c315754be4901d507893db04ea2d3f4b71cbdd0dab25d27f9274e7faf85ac880c85522d24fa57da06019c5910622003a305914cf8884ad02f

          Download Submit

        • memory/1792-158-0x000007FEF5890000-0x000007FEF5E79000-memory.dmp

          Filesize

          5.9MB

          Download