Overview

overview

7

Static

static

3

F-M-E.exe

windows7-x64

7

F-M-E.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    22-08-2023 02:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    F-M-E.exe

  • Size

    19.2MB

  • MD5

    9fe8202437701b7c3c4467d8404c04bb

  • SHA1

    2ea5e5217bc53cfa82298ed49bdd5516909713b9

  • SHA256

    bcc18bf53294029b670f3b628e360535ef7527b1ee85bd86f055f5f907735351

  • SHA512

    cbc0ce9c326bc4afca0bb57db93f3348a361a3dfa724d1dce73077ed0238367ae3d605a916754b76103de21d15203cc0a06a6baeb8f788091291a720bc1a2d9b

  • SSDEEP

    393216:oyOplafrVzeeuXK9Q+MMIBvPz72fzd0zd8V:qjCMtK9QTMsPfaF

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\F-M-E.exe
    "C:\Users\Admin\AppData\Local\Temp\F-M-E.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2244
    • C:\Users\Admin\AppData\Local\Temp\F-M-E.exe
      "C:\Users\Admin\AppData\Local\Temp\F-M-E.exe"
      2⤵
      • Loads dropped DLL
      PID:2520
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:1780

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\_MEI22442\python311.dll
      Filesize

      1.6MB

      MD5

      bd41a26e89fc6bc661c53a2d4af35e3e

      SHA1

      8b52f7ab62ddb8c484a7da16efad33ce068635f6

      SHA256

      3cded5180dca1015347fd6ea44dbcc5ddd050adc7adbb99cf2991032320a5359

      SHA512

      b8dafc262d411e1c315754be4901d507893db04ea2d3f4b71cbdd0dab25d27f9274e7faf85ac880c85522d24fa57da06019c5910622003a305914cf8884ad02f

      Download Submit

    • \Users\Admin\AppData\Local\Temp\_MEI22442\python311.dll
      Filesize

      1.6MB

      MD5

      bd41a26e89fc6bc661c53a2d4af35e3e

      SHA1

      8b52f7ab62ddb8c484a7da16efad33ce068635f6

      SHA256

      3cded5180dca1015347fd6ea44dbcc5ddd050adc7adbb99cf2991032320a5359

      SHA512

      b8dafc262d411e1c315754be4901d507893db04ea2d3f4b71cbdd0dab25d27f9274e7faf85ac880c85522d24fa57da06019c5910622003a305914cf8884ad02f

      Download Submit

    • memory/2520-157-0x000007FEF56D0000-0x000007FEF5CB9000-memory.dmp

      Filesize

      5.9MB

      Download