Overview

overview

10

Static

static

10

advertising.exe

windows7-x64

7

advertising.exe

windows10-2004-x64

7

Creal.pyc

windows7-x64

3

Creal.pyc

windows10-2004-x64

3

Resubmissions

21-09-2023 17:49

230921-wdzv1ahf5w 10

21-09-2023 17:47

230921-wc9zksbf87 10

19-09-2023 14:09

230919-rf6zwabe79 10

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2023 14:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    advertising.exe

  • Size

    19.9MB

  • MD5

    1602161a628878a7ed669947e0cbfb51

  • SHA1

    50522bfc2ccd102abe24c6161d648cb689809dce

  • SHA256

    e45d9783e91c4af4861345ba9f21a76fee550147804cc0d9fc5f742f1d9c8b3a

  • SHA512

    cea3c8ce6798406d4d2ae1409c644285f125a0708b1c99fb00e2497e6d4c7f130e68e1cc855d8e7b61fca7e333db0234725232169adc093ea0b98ea72e15a6e5

  • SSDEEP

    393216:TiIE7YoPQtsT4Hr7M5li8k3meCcGfd0NYMbkf76lCOdSx:A7rPQtscL7M5lDaY5F0NY2x2

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\advertising.exe
    "C:\Users\Admin\AppData\Local\Temp\advertising.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2332
    • C:\Users\Admin\AppData\Local\Temp\advertising.exe
      "C:\Users\Admin\AppData\Local\Temp\advertising.exe"
      2⤵
      • Loads dropped DLL
      PID:2496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI23322\python311.dll
    Filesize

    5.5MB

    MD5

    58e01abc9c9b5c885635180ed104fe95

    SHA1

    1c2f7216b125539d63bd111a7aba615c69deb8ba

    SHA256

    de1b95d2e951fc048c84684bc7df4346138910544ee335b61fc8e65f360c3837

    SHA512

    cd32c77191309d99aeed47699501b357b35669123f0dd70ed97c3791a009d1855ab27162db24a4bd9e719b68ee3b0539ee6db88e71abb9a2d4d629f87bc2c081

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI23322\python311.dll
    Filesize

    5.5MB

    MD5

    58e01abc9c9b5c885635180ed104fe95

    SHA1

    1c2f7216b125539d63bd111a7aba615c69deb8ba

    SHA256

    de1b95d2e951fc048c84684bc7df4346138910544ee335b61fc8e65f360c3837

    SHA512

    cd32c77191309d99aeed47699501b357b35669123f0dd70ed97c3791a009d1855ab27162db24a4bd9e719b68ee3b0539ee6db88e71abb9a2d4d629f87bc2c081

    Download Submit