5979e9a0755efaff32615eaffeb8e9e7a098b2eb83106acb9a770643ce121f29

Resubmissions

10-10-2023 21:20

10-10-2023 20:47

10-10-2023 20:44

max time kernel
144s
max time network
127s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
10-10-2023 20:47

Target

MusicConverter.exe
Size

3.7MB
MD5

0b7b65638fab7fcdfa85cc1c96d7bb53
SHA1

33ebc605d7aabb3436cedd748baaadbf96423b33
SHA256

5979e9a0755efaff32615eaffeb8e9e7a098b2eb83106acb9a770643ce121f29
SHA512

bca042a91d3c202e09093aa7ea9d318b53b7694dd643a9641cff4801fb6f0e6f4644221659da8e1c76c875032ac5beab10fc98fc3d1ced3f2057194224c32d58
SSDEEP

98304:/kLbKbSwLj7UrHbBBPXZpZehFWLcHTjuV1Xr08QCUuGE8n:EbgSyoDbc2cHTkb0M18n

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
1740	MusicConverter.tmp

Loads dropped DLL 1 IoCs

pid	Process
2272	MusicConverter.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2272 wrote to memory of 1740	2272	MusicConverter.exe	28
PID 2272 wrote to memory of 1740	2272	MusicConverter.exe	28
PID 2272 wrote to memory of 1740	2272	MusicConverter.exe	28
PID 2272 wrote to memory of 1740	2272	MusicConverter.exe	28
PID 2272 wrote to memory of 1740	2272	MusicConverter.exe	28
PID 2272 wrote to memory of 1740	2272	MusicConverter.exe	28
PID 2272 wrote to memory of 1740	2272	MusicConverter.exe	28

C:\Users\Admin\AppData\Local\Temp\MusicConverter.exe
"C:\Users\Admin\AppData\Local\Temp\MusicConverter.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2272
- C:\Users\Admin\AppData\Local\Temp\is-LP8TH.tmp\MusicConverter.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-LP8TH.tmp\MusicConverter.tmp" /SL5="$70120,2916589,868352,C:\Users\Admin\AppData\Local\Temp\MusicConverter.exe"
  2⤵
  - Executes dropped EXE
  PID:1740

C:\Users\Admin\AppData\Local\Temp\is-LP8TH.tmp\MusicConverter.tmp

Filesize
3.1MB

MD5
26eb484be12f2cd7c6b63655a5d91f81

SHA1
33f832ce0a46d6ca740dd40527034be5e48c76d0

SHA256
2cfa3108a0033821122f4c956802836626589bf4b6416315eee0c923858f533a

SHA512
aa0eb37d0b191b49435f75b75d0b964f36f37ca55a5868f32827f37b6539480863291a1dbc42fe901dc6fd9649656eac29f4ffc9a7e6b426f9d7d50cdeef6192

Download Submit
\Users\Admin\AppData\Local\Temp\is-LP8TH.tmp\MusicConverter.tmp

Filesize
3.1MB

MD5
26eb484be12f2cd7c6b63655a5d91f81

SHA1
33f832ce0a46d6ca740dd40527034be5e48c76d0

SHA256
2cfa3108a0033821122f4c956802836626589bf4b6416315eee0c923858f533a

SHA512
aa0eb37d0b191b49435f75b75d0b964f36f37ca55a5868f32827f37b6539480863291a1dbc42fe901dc6fd9649656eac29f4ffc9a7e6b426f9d7d50cdeef6192

Download Submit
memory/1740-8-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/1740-11-0x0000000000400000-0x000000000071D000-memory.dmp

Filesize
3.1MB

Download
memory/1740-12-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/2272-1-0x0000000000400000-0x00000000004E1000-memory.dmp

Filesize
900KB

Download
memory/2272-10-0x0000000000400000-0x00000000004E1000-memory.dmp

Filesize
900KB

Download