Overview

overview

10

Static

static

3

pycryptopayload.exe

windows7-x64

7

pycryptopayload.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    14-09-2023 05:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pycryptopayload.exe

  • Size

    23.9MB

  • MD5

    ec74dbce58746b38fd7b4c893e6a0055

  • SHA1

    52f9654a1c15d8bf22a45db456792fc9ee3f1195

  • SHA256

    e3e691a9c78c57df9fd04725cc230502f0c1c9c60f8cdfad677c65458409a7f2

  • SHA512

    5ecb1ba09f838838dbfceed00a9324b8f85d0f4dc9e8c51e3a77ae55031417ad453c5462c3947990801583aab4e018d8ad56b8cee4a4651e131a6945d058dde6

  • SSDEEP

    393216:V+vUWv/HL2Vmo2WtYjUaNRDHvcrwhvr+bUn2KekLTH6mp/WViHW0Gzajaq3+d9Xn:V4UYyVmVfjrRj0r6+bUno0fcElOd9Xg2

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\pycryptopayload.exe
    "C:\Users\Admin\AppData\Local\Temp\pycryptopayload.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1376
    • C:\Users\Admin\AppData\Local\Temp\pycryptopayload.exe
      "C:\Users\Admin\AppData\Local\Temp\pycryptopayload.exe"
      2⤵
      • Loads dropped DLL
      PID:2336

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI13762\python39.dll
    Filesize

    4.3MB

    MD5

    2135da9f78a8ef80850fa582df2c7239

    SHA1

    aac6ad3054de6566851cae75215bdeda607821c4

    SHA256

    324963a39b8fd045ff634bb3271508dab5098b4d99e85e7648d0b47c32dc85c3

    SHA512

    423b03990d6aa9375ce10e6b62ffdb7e1e2f20a62d248aac822eb9d973ae2bf35deddd2550a4a0e17c51ad9f1e4f86443ca8f94050e0986daa345d30181a2369

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI13762\python39.dll
    Filesize

    4.3MB

    MD5

    2135da9f78a8ef80850fa582df2c7239

    SHA1

    aac6ad3054de6566851cae75215bdeda607821c4

    SHA256

    324963a39b8fd045ff634bb3271508dab5098b4d99e85e7648d0b47c32dc85c3

    SHA512

    423b03990d6aa9375ce10e6b62ffdb7e1e2f20a62d248aac822eb9d973ae2bf35deddd2550a4a0e17c51ad9f1e4f86443ca8f94050e0986daa345d30181a2369

    Download Submit