Overview

overview

10

Static

static

3

22a01936fa...0a.exe

windows7-x64

7

22a01936fa...0a.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    08/10/2023, 18:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    22a01936fa3311f20c9749d79f6dc26aa48fb991417883095c019db199639b0a.exe

  • Size

    8.4MB

  • MD5

    5406bef14570918655efa36071318fc1

  • SHA1

    b7d01e9038970c3c0f94a1793771cf66ac1f111f

  • SHA256

    22a01936fa3311f20c9749d79f6dc26aa48fb991417883095c019db199639b0a

  • SHA512

    5523cc40831354ce499da3dafcbea6cf8a37423d05ddc27b337ac632a2b75b88a0be0a1273b3b55a9a33cbd7bad37c7f440d48d6c1ceb31aab8113d19727a9eb

  • SSDEEP

    196608:bAgiIE7SRpoajaxSmvdsCnc7gomn9VHGDnSt2S5o4dBmISGF4vhRoSp:diIE7YovHvaCnc7H07mG2Go4dBmnZhCS

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\22a01936fa3311f20c9749d79f6dc26aa48fb991417883095c019db199639b0a.exe
    "C:\Users\Admin\AppData\Local\Temp\22a01936fa3311f20c9749d79f6dc26aa48fb991417883095c019db199639b0a.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2292
    • C:\Users\Admin\AppData\Local\Temp\22a01936fa3311f20c9749d79f6dc26aa48fb991417883095c019db199639b0a.exe
      "C:\Users\Admin\AppData\Local\Temp\22a01936fa3311f20c9749d79f6dc26aa48fb991417883095c019db199639b0a.exe"
      2⤵
      • Loads dropped DLL
      PID:2584

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI22922\python39.dll
          Filesize

          4.3MB

          MD5

          5871ae2a45d675ed9dd077c400018c30

          SHA1

          ddc03af9d433c3dfad8a193c50695139c59b4b58

          SHA256

          5d0ff879174faec03eb173eb2088f2e7519f4663dd6bfe5b817ec602c389ae20

          SHA512

          d87a90dbf42c528bc3fa038eb83d4318d2e8577a590bf9c84641c573b5b2fea83aac91bb108968252e07497424ed85f519a864e955f94a7f8e87bfc38e0f4b7b

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI22922\python39.dll
          Filesize

          4.3MB

          MD5

          5871ae2a45d675ed9dd077c400018c30

          SHA1

          ddc03af9d433c3dfad8a193c50695139c59b4b58

          SHA256

          5d0ff879174faec03eb173eb2088f2e7519f4663dd6bfe5b817ec602c389ae20

          SHA512

          d87a90dbf42c528bc3fa038eb83d4318d2e8577a590bf9c84641c573b5b2fea83aac91bb108968252e07497424ed85f519a864e955f94a7f8e87bfc38e0f4b7b

          Download Submit