Overview

overview

7

Static

static

3

81bd134c40...f5.exe

windows7-x64

7

81bd134c40...f5.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231130-en
  • resource tags

    arch:x64arch:x86image:win7-20231130-enlocale:en-usos:windows7-x64system
  • submitted
    11/12/2023, 02:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    81bd134c40c452d296566bc3099dfdf5.exe

  • Size

    21.7MB

  • MD5

    81bd134c40c452d296566bc3099dfdf5

  • SHA1

    6e85c92698e85205b59546ec7e1c5fbd49eff787

  • SHA256

    530996f75d9337ced572caf9c5da23d92857847e7550ff77794d337bd17f0331

  • SHA512

    77bcc8bc54cb0d12d53a60d5e809db93772e8075f72ee7cee49d86f3ec7ebae96121966eba41bfc47d45793842a5d27e717f35f59486dfb7999534fc29d5dfb5

  • SSDEEP

    393216:ejId07OQtsPNZcPpUTLfhJsW+eGQRLn/ikWMW4cyQab87LA6dpdqqY2o:KIddQtsUUTLJSW+e5RbqPk4aoZ6qn

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\81bd134c40c452d296566bc3099dfdf5.exe
    "C:\Users\Admin\AppData\Local\Temp\81bd134c40c452d296566bc3099dfdf5.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Users\Admin\AppData\Local\Temp\81bd134c40c452d296566bc3099dfdf5.exe
      "C:\Users\Admin\AppData\Local\Temp\81bd134c40c452d296566bc3099dfdf5.exe"
      2⤵
      • Loads dropped DLL
      PID:2780

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI22082\python311.dll
          Filesize

          3.3MB

          MD5

          11fe0b1744ac9a6a4df5c1c7921b5f6c

          SHA1

          5a6493449c00dd54b5b0c9cc07ebbd03cabef63c

          SHA256

          661b0c9d84c860060266577f346bfee053d795d2db2b58e80e9013b0c178c08f

          SHA512

          f8fb920b1338289d1860801b676ae345eb29acd0adbd87e77ab21e83671fb9fdab3df486bb4052f84c8ec0b6c7b9f5e2eb6ea4ec2c3537611aa7a3d761f8690e

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI22082\python311.dll
          Filesize

          3.0MB

          MD5

          b77cd05bc34ab3db39ce6ff451849920

          SHA1

          1f60e0e65f09c0b6685406717d57559ccd380e3c

          SHA256

          9fe5cfaf3608d60c465fd9b5dc7360a3a170598bd69a4ce22c95e5ee6bfd8d24

          SHA512

          3f6d448683121f4a8914b901fb3db42c8e2d17648a519ca61f473f02f76e4dba0cdf3289853c3530270884949cf97032c3aaa24d95f206cfa4af27e7c3b42068

          Download Submit