f13acf2ee6e41ce6a064587b59fdd48e31c206183f862947b4f4dae6d56fcd46

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
11/08/2023, 18:11

Target

molebox-2.5.12-installer_JG-bAU1.exe
Size

1.7MB
MD5

fc41cfc50d4f234336089021ae043a4b
SHA1

3a9573c8b1bd11dacce4e9a850ce3e3c9ba22c36
SHA256

f13acf2ee6e41ce6a064587b59fdd48e31c206183f862947b4f4dae6d56fcd46
SHA512

68a9acc9d8f561cb567b98b5cb34d8f1217fc01ba8a9a9c688352ec283d2a017dfa404a317f40f29a646098d76829deedd0be7bd6b0b3fea4901189c97a20dd4
SSDEEP

24576:q7FUDowAyrTVE3U5FmWRu6uMjuTNbb08wlkBdWgtUtQ2jSpGcr6W90M8B:qBuZrEUhu6VyTNn6rm2jE903

Score

4^/10

Executes dropped EXE 1 IoCs

pid	Process
4644	molebox-2.5.12-installer_JG-bAU1.tmp

Script User-Agent 1 IoCs

Uses user-agent string associated with script host/environment.

description	flow	ioc
HTTP User-Agent header	16	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

Suspicious behavior: EnumeratesProcesses 14 IoCs

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2232 wrote to memory of 4644	2232	molebox-2.5.12-installer_JG-bAU1.exe	83
PID 2232 wrote to memory of 4644	2232	molebox-2.5.12-installer_JG-bAU1.exe	83
PID 2232 wrote to memory of 4644	2232	molebox-2.5.12-installer_JG-bAU1.exe	83

C:\Users\Admin\AppData\Local\Temp\molebox-2.5.12-installer_JG-bAU1.exe
"C:\Users\Admin\AppData\Local\Temp\molebox-2.5.12-installer_JG-bAU1.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2232
- C:\Users\Admin\AppData\Local\Temp\is-9C718.tmp\molebox-2.5.12-installer_JG-bAU1.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-9C718.tmp\molebox-2.5.12-installer_JG-bAU1.tmp" /SL5="$80050,836424,832512,C:\Users\Admin\AppData\Local\Temp\molebox-2.5.12-installer_JG-bAU1.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: EnumeratesProcesses
  PID:4644

C:\Users\Admin\AppData\Local\Temp\is-03SHO.tmp\mainlogo.gif

Filesize
2KB

MD5
e6c85a4a0952303cfb874b4e734c79e7

SHA1
1f7e1fdfe86e34f3693d272d31239ee5c3811fc3

SHA256
dda704b68dced220d05f73cf235c00557032ea4c9d56fe59b3ed83de91a587d3

SHA512
449b31c2f574fb5586b501c1885dc625f2810253675897888ca8df5511c3e61ec90b05e0a9241b8f831eda3a8453f0e57d1ddc9c0b39e8ed9674bb562a1f3b6d

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-9C718.tmp\molebox-2.5.12-installer_JG-bAU1.tmp

Filesize
3.1MB

MD5
5180d9c9df1b9c25ae7b6dadcdbe9313

SHA1
431bc4cb3e9564b10cae803e58b3b9689dc30749

SHA256
1b0bac6032e84bacb578ac807d65eca386e7afcd4138784375fdc88fd79d302e

SHA512
3ae753c78ced6a5690da1c8209899a3df6e8254ea1a554001e0eb13e07c260a8bbae029008923f10b5027bee4b6bd8cb16122af07bff9caf1906a7393194fd9c

Download Submit
memory/2232-134-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download
memory/2232-154-0x0000000000400000-0x00000000004D8000-memory.dmp

Filesize
864KB

Download
memory/4644-139-0x0000000002810000-0x0000000002811000-memory.dmp

Filesize
4KB

Download
memory/4644-149-0x0000000004C10000-0x0000000004D50000-memory.dmp

Filesize
1.2MB

Download
memory/4644-153-0x0000000004C10000-0x0000000004D50000-memory.dmp

Filesize
1.2MB

Download
memory/4644-155-0x0000000000400000-0x000000000071B000-memory.dmp

Filesize
3.1MB

Download
memory/4644-156-0x0000000002810000-0x0000000002811000-memory.dmp

Filesize
4KB

Download