Overview

overview

10

Static

static

3

7X/1PGNZ8NZG6RCE9.exe

windows7-x64

7

7X/1PGNZ8NZG6RCE9.exe

windows10-2004-x64

10

7X/E4G24DU1GQR.exe

windows7-x64

7

7X/E4G24DU1GQR.exe

windows10-2004-x64

10

7X/SMF5YO6...Z4.exe

windows7-x64

7

7X/SMF5YO6...Z4.exe

windows10-2004-x64

10

7X/UTNL9P7TICJ.exe

windows7-x64

7

7X/UTNL9P7TICJ.exe

windows10-2004-x64

7

7X/om6osj7p9.exe

windows7-x64

7

7X/om6osj7p9.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    123s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    05-08-2023 09:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7X/SMF5YO6UKC5CA0WZ4.exe

  • Size

    10.1MB

  • MD5

    b03269de34a91507bcc3d3ac08164963

  • SHA1

    1911081f70c3bf9330a0643809af5e19877cf485

  • SHA256

    4bff93a45ae905d1da538b8a27ac077aba9c9cae3026507c68f93bda0d491944

  • SHA512

    1d5366c238a191829d76182b11a66dd8ceb63de4fbee5e9d2f38d7229c7d9e530ca7310856e66bd52ba7ed8fb2e944fc06e322eaf778faadfd9aee2802e0513e

  • SSDEEP

    196608:yLDna+butR4FMIZETSt3jPePdrQJ2BNOq62gAqYPYgUFHN:yDnaOyRQETSBvJSOq62YHtFHN

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7X\SMF5YO6UKC5CA0WZ4.exe
    "C:\Users\Admin\AppData\Local\Temp\7X\SMF5YO6UKC5CA0WZ4.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2156
    • C:\Users\Admin\AppData\Local\Temp\7X\SMF5YO6UKC5CA0WZ4.exe
      "C:\Users\Admin\AppData\Local\Temp\7X\SMF5YO6UKC5CA0WZ4.exe"
      2⤵
      • Loads dropped DLL
      PID:932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI21562\python311.dll
    Filesize

    5.5MB

    MD5

    5a5dd7cad8028097842b0afef45bfbcf

    SHA1

    e247a2e460687c607253949c52ae2801ff35dc4a

    SHA256

    a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce

    SHA512

    e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858

    Download Submit
  • \Users\Admin\AppData\Local\Temp\_MEI21562\python311.dll
    Filesize

    5.5MB

    MD5

    5a5dd7cad8028097842b0afef45bfbcf

    SHA1

    e247a2e460687c607253949c52ae2801ff35dc4a

    SHA256

    a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce

    SHA512

    e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858

    Download Submit