5e11b1e3460f1d74036b8cc0ad783cb77b5dc671a16d3fbf45cd8e0c0b4b3ba0

Analysis

max time kernel
142s
max time network
198s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
24-12-2023 09:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

webhook.exe
Size

6.9MB
MD5

48398f38dffad977af4894c909310c55
SHA1

cec4b0c75a44c5da9bed6fcd480b37ab336aaf27
SHA256

5e11b1e3460f1d74036b8cc0ad783cb77b5dc671a16d3fbf45cd8e0c0b4b3ba0
SHA512

dcb77a4b37bb45a7547660af6f19c10eaf71a052b6f3bed750650cb284ac5658b14f828591477940855d3ff9590f8dc95d0971a60db716c90675c33657ee7073
SSDEEP

196608:gpuW1W903eV4Q+tpDjIIAcwD0RPdvvk9LIL:0W+eGQ69jo06k

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 2 IoCs

pid	Process
4312	webhook.exe
4312	webhook.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 4948 wrote to memory of 4312	4948	webhook.exe	90
PID 4948 wrote to memory of 4312	4948	webhook.exe	90

C:\Users\Admin\AppData\Local\Temp\webhook.exe
"C:\Users\Admin\AppData\Local\Temp\webhook.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4948
- C:\Users\Admin\AppData\Local\Temp\webhook.exe
  "C:\Users\Admin\AppData\Local\Temp\webhook.exe"
  2⤵
  - Loads dropped DLL
  PID:4312

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI49482\VCRUNTIME140.dll

Filesize
106KB

MD5
4585a96cc4eef6aafd5e27ea09147dc6

SHA1
489cfff1b19abbec98fda26ac8958005e88dd0cb

SHA256
a8f950b4357ec12cfccddc9094cca56a3d5244b95e09ea6e9a746489f2d58736

SHA512
d78260c66331fe3029d2cc1b41a5d002ec651f2e3bbf55076d65839b5e3c6297955afd4d9ab8951fbdc9f929dbc65eb18b14b59bce1f2994318564eb4920f286

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49482\_bz2.pyd

Filesize
82KB

MD5
c7ce973f261f698e3db148ccad057c96

SHA1
59809fd48e8597a73211c5df64c7292c5d120a10

SHA256
02d772c03704fe243c8de2672c210a5804d075c1f75e738d6130a173d08dfcde

SHA512
a924750b1825747a622eef93331fd764d824c954297e37e8dc93a450c11aa7ab3ad7c3b823b11656b86e64de3cd5d409fda15db472488dfaa4bb50341f0b29d1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49482\_decimal.pyd

Filesize
247KB

MD5
21c73e7e0d7dad7a1fe728e3b80ce073

SHA1
7b363af01e83c05d0ea75299b39c31d948bbfe01

SHA256
a28c543976aa4b6d37da6f94a280d72124b429f458d0d57b7dbcf71b4bea8f73

SHA512
0357102bffc2ec2bc6ff4d9956d6b8e77ed8558402609e558f1c1ebc1baca6aeaa5220a7781a69b783a54f3e76362d1f74d817e4ee22aac16c7f8c86b6122390

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49482\_hashlib.pyd

Filesize
63KB

MD5
f495d1897a1b52a2b15c20dcecb84b47

SHA1
8cb65590a8815bda58c86613b6386b5982d9ec3f

SHA256
e47e76d70d508b62924fe480f30e615b12fdd7745c0aac68a2cddabd07b692ae

SHA512
725d408892887bebd5bcf040a0ecc6a4e4b608815b9dea5b6f7b95c812715f82079896df33b0830c9f787ffe149b8182e529bb1f78aadd89df264cf8853ee4c4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49482\_lzma.pyd

Filesize
155KB

MD5
4e2239ece266230ecb231b306adde070

SHA1
e807a078b71c660db10a27315e761872ffd01443

SHA256
34130d8abe27586ee315262d69af4e27429b7eab1f3131ea375c2bb62cf094be

SHA512
86e6a1eab3529e600dd5caab6103e34b0f618d67322a5ecf1b80839faa028150c492a5cf865a2292cc8584fba008955da81a50b92301583424401d249c5f1401

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49482\_socket.pyd

Filesize
81KB

MD5
899380b2d48df53414b974e11bb711e3

SHA1
f1d11f7e970a7cd476e739243f8f197fcb3ad590

SHA256
b38e66e6ee413e5955ef03d619cadd40fca8be035b43093d2342b6f3739e883e

SHA512
7426ca5e7a404b9628e2966dae544f3e8310c697145567b361825dc0b5c6cd87f2caf567def8cd19e73d68643f2f38c08ff4ff0bb0a459c853f241b8fdf40024

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49482\base_library.zip

Filesize
401KB

MD5
3b154ac8e53456cfb36a845e5b8df385

SHA1
3e406a8d18b1255b88ea8c36c493b38d71babfa0

SHA256
a3bf1696f8d7d46554c0e45f2f2acc5c70ed3ab173fb86cbee16060b77f619aa

SHA512
ec8a7bdad3f0e9c2c089e5ad9ff5cc6ea81099e75c8bb900ef00a506e2b40db41da9d1b98aaec42c9c10adb6925e3fdba5b78410f8f226019c22e2cd73edfc5c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49482\libcrypto-3.dll

Filesize
329KB

MD5
2158e1c91154704648d75719beecd7a2

SHA1
95ae31124856a69b143956ef80e31fdc0d270e7a

SHA256
fae9a80ece5d3c19cb4e75a436a5e02705b47e6d03b0e5830f9157478e48649b

SHA512
48128eb931651ae2b1560cc065d806dbf63b4e3a0ae4006d2a31eb75d9bbbe03b880e198953c458b4fcbc1d2e1fc71fcad19b21263cde6dbf006638af61571e5

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49482\python312.dll

Filesize
3.1MB

MD5
17dacce561be819ac9cf0b6e97c03b87

SHA1
0855c2368495f3c9e96bcd87f696cd4988f8f19f

SHA256
dfe827f8a6caec786fdd46d5e5c472e1cb2b239123a53139445c6afe138d761c

SHA512
9cc354dd47555beb3e85b0c582306a06876dbb2e03723c16a6e2f10299fcbfd27ec734ef8710c1df16e63bd00a2fd56ebb0c5b2a63a80ad8e13310423291160a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49482\python312.dll

Filesize
685KB

MD5
3f77d3553aa43ee046bc232aa47bd8f3

SHA1
f009eb758b1a93799963f29121976866b4482082

SHA256
2b71f230d2cc8c5ab8adee876fc2d0df0c67539b0bae50394b688e10405ba332

SHA512
bdb5efeca4cbb19d4ff447d9f41b87972d24f0f10ad8667b576055135e34ac4944200f775c802919654de5237acda3deb11868a0007c8b262cf43eedccf63555

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49482\select.pyd

Filesize
30KB

MD5
bffff83a000baf559f3eb2b599a1b7e8

SHA1
7f9238bda6d0c7cc5399c6b6ab3b42d21053f467

SHA256
bc71fbdfd1441d62dd86d33ff41b35dc3cc34875f625d885c58c8dc000064dab

SHA512
3c0ba0cf356a727066ae0d0d6523440a882aafb3ebdf70117993effd61395deebf179948f8c7f5222d59d1ed748c71d9d53782e16bd2f2eccc296f2f8b4fc948

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI49482\unicodedata.pyd

Filesize
192KB

MD5
3a0ff9bb3ee8467b5dc0d8a49d56b9a4

SHA1
f3755d8e3349ef85c44451261ece94071442e864

SHA256
d7b47d5fe762e74926df1a620cd62c2508aa4b579b901464955e62d7a1f8fffb

SHA512
ab06ee56705f91a174f42f2a03e9391e0f5632f41222057b9be1a26552bea7b53047deb1aaabc95f5add7b35e987aa9d910b854d397473d1fa507934e914d466

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads