Overview

overview

10

Static

static

10

Oxlo (1).exe

windows7-x64

7

Oxlo (1).exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    18-11-2023 23:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Oxlo (1).exe

  • Size

    13.2MB

  • MD5

    e01c259ea4e8e6f35479d26e40cf1a75

  • SHA1

    361aa68bc5e5055a06e4d3689b8ba0612a595614

  • SHA256

    4e5c5be9b02a4b49b74de6420c0f91d0e860b4bd9327fcd8f13dfff880dc25a7

  • SHA512

    220e99ad2987c2f6c3ec2aab8c40656010bf40095ddd08457a2a87f1e6521a62cc2cd082ea89c1520eb40b0a498d4569823a04622920a82bb702d839539ffdaf

  • SSDEEP

    393216:biIE7Yo9+4uOwKnwW+eGQRJ9jo7BGcGnaJKt/WorLu:I7r9+RONwW+e5RJ9MyprLu

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Oxlo (1).exe
    "C:\Users\Admin\AppData\Local\Temp\Oxlo (1).exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2552
    • C:\Users\Admin\AppData\Local\Temp\Oxlo (1).exe
      "C:\Users\Admin\AppData\Local\Temp\Oxlo (1).exe"
      2⤵
      • Loads dropped DLL
      PID:2736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI25522\python312.dll
    Filesize

    6.6MB

    MD5

    5c5602cda7ab8418420f223366fff5db

    SHA1

    52f81ee0aef9b6906f7751fd2bbd4953e3f3b798

    SHA256

    e7890e38256f04ee0b55ac5276bbf3ac61392c3a3ce150bb5497b709803e17ce

    SHA512

    51c3b4f29781bb52c137ddb356e1bc5a37f3a25f0ed7d89416b14ed994121f884cb3e40ccdbb211a8989e3bd137b8df8b28e232f98de8f35b03965cfce4b424f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI25522\python312.dll
    Filesize

    6.6MB

    MD5

    5c5602cda7ab8418420f223366fff5db

    SHA1

    52f81ee0aef9b6906f7751fd2bbd4953e3f3b798

    SHA256

    e7890e38256f04ee0b55ac5276bbf3ac61392c3a3ce150bb5497b709803e17ce

    SHA512

    51c3b4f29781bb52c137ddb356e1bc5a37f3a25f0ed7d89416b14ed994121f884cb3e40ccdbb211a8989e3bd137b8df8b28e232f98de8f35b03965cfce4b424f

    Download Submit