Overview

overview

7

Static

static

3

LoaderFix.exe

windows7-x64

7

LoaderFix.exe

windows10-2004-x64

7

Resubmissions

05/11/2023, 00:56

231105-bagvssah74 7

05/11/2023, 00:50

231105-a6767aah56 7

05/11/2023, 00:45

231105-a4ervsah29 7

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    05/11/2023, 00:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LoaderFix.exe

  • Size

    16.4MB

  • MD5

    426e0ff77ea12d3f1bd349a753e6a06f

  • SHA1

    4cfb819488822c4e75db3ca1349d7fb69c03f261

  • SHA256

    f631f5f5fd53a53129dca28f41765bfab3f98b92773ccc501012c6b6030907f5

  • SHA512

    4ace54c21739113ee5058d85f05d505c32405e3b9bf768a8ffda3fb69f195241186b8f88b92c08e5eb2af754713dbcdf6e865285f1cddbaf1a4262d5853e4f01

  • SSDEEP

    393216:TJz7B2D4RqKQETSevJHOqqq0e1opUJEFd2Cp1:lfQD4sKQEWehR0s

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\LoaderFix.exe
    "C:\Users\Admin\AppData\Local\Temp\LoaderFix.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2980
    • C:\Users\Admin\AppData\Local\Temp\LoaderFix.exe
      "C:\Users\Admin\AppData\Local\Temp\LoaderFix.exe"
      2⤵
      • Loads dropped DLL
      PID:2196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI29802\faker\providers\job\es_MX\__init__.py
    Filesize

    83B

    MD5

    eeaa6ca5cb7f4bb1d7e75797f9b5af37

    SHA1

    0ac3743facacbc2090930b41cf38bcfe2951eb37

    SHA256

    ce99db30f577944104a7365372ea8363cd9d0087a6e9d88f7b835a1926da336c

    SHA512

    b492e6fa3eb607683a6c6f5696835aeae5e4c12fd2d44346bfd954d25c0bcf5bda808c175b0b17e26a0d5daf4f91d8588de119f5b747a80b3cfe53f68bbecd7c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI29802\python311.dll
    Filesize

    5.5MB

    MD5

    5a5dd7cad8028097842b0afef45bfbcf

    SHA1

    e247a2e460687c607253949c52ae2801ff35dc4a

    SHA256

    a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce

    SHA512

    e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI29802\python311.dll
    Filesize

    5.5MB

    MD5

    5a5dd7cad8028097842b0afef45bfbcf

    SHA1

    e247a2e460687c607253949c52ae2801ff35dc4a

    SHA256

    a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce

    SHA512

    e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858

    Download Submit