Overview

overview

7

Static

static

7

Cartis_tool_2 2.zip

windows10-1703-x64

1

Cartis_tool_2 2.zip

windows7-x64

1

Cartis_tool_2 2.zip

windows10-2004-x64

1

Carti's to...gen.py

windows10-1703-x64

3

Carti's to...gen.py

windows7-x64

3

Carti's to...gen.py

windows10-2004-x64

3

Carti's to...ne.exe

windows10-1703-x64

1

Carti's to...ne.exe

windows7-x64

1

Carti's to...ne.exe

windows10-2004-x64

1

Carti's to...me.txt

windows10-1703-x64

1

Carti's to...me.txt

windows7-x64

1

Carti's to...me.txt

windows10-2004-x64

1

Carti's to...rus.py

windows10-1703-x64

3

Carti's to...rus.py

windows7-x64

3

Carti's to...rus.py

windows10-2004-x64

3

Carti's to...uke.py

windows10-1703-x64

3

Carti's to...uke.py

windows7-x64

3

Carti's to...uke.py

windows10-2004-x64

3

Carti's to...up.exe

windows10-1703-x64

7

Carti's to...up.exe

windows7-x64

7

Carti's to...up.exe

windows10-2004-x64

7

Carti's to...dox.py

windows10-1703-x64

3

Carti's to...dox.py

windows7-x64

3

Carti's to...dox.py

windows10-2004-x64

3

Carti's to...rti.py

windows10-1703-x64

3

Carti's to...rti.py

windows7-x64

3

Carti's to...rti.py

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    19/08/2023, 02:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Carti's tool (2)/Carti's tool/Neptune.exe

  • Size

    100KB

  • MD5

    67e8557f6811fc84a055ac5e636dc009

  • SHA1

    5ea59f134d8977aabb5e130ef21a70feec245f05

  • SHA256

    9bb2a443742f631305e8e57af2f6abe0c7343b1e94b055bf767fd1dffdc7640a

  • SHA512

    77d609c4b11ea5a0eebbf7435a6422e1a57172400b969c11e0bab7db759c615c5c1e873932bb8b1f679818b112f80b55f6fd2b08ab68e19732880cd1732b3073

  • SSDEEP

    1536:nb7ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIfhw2fNuSQPV9D:n3FfHgTWmCRkGbKGLeNTBfhXVuSQPVR

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Carti's tool (2)\Carti's tool\Neptune.exe
    "C:\Users\Admin\AppData\Local\Temp\Carti's tool (2)\Carti's tool\Neptune.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1524
    • C:\Windows\system32\cmd.exe
      "C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\FE3C.tmp\FE3D.tmp\FE3E.bat "C:\Users\Admin\AppData\Local\Temp\Carti's tool (2)\Carti's tool\Neptune.exe""
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2488
      • C:\Windows\system32\chcp.com
        chcp 65001
        3⤵
          PID:2068

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\FE3C.tmp\FE3D.tmp\FE3E.bat
      Filesize

      8KB

      MD5

      67150823b5efda37b8db8d16975aa954

      SHA1

      a01b8d513a352db0c6f8c4a3bac79aa8c5e03236

      SHA256

      be2a5a4f5acc1d446bf3d407f90e3fdaf8a9773c75590198d4d8a3a5ab281714

      SHA512

      e6badfa18440006b12087f0843c0adaa89d09b0bfe110b01e597c2b0776edf3b02ef48b6140a7ec482c665b334442fa082e82c36bc3608bc32b0644cd261c466

      Download Submit