Overview

overview

7

Static

static

3

091557d8f6...0c.exe

windows7-x64

7

091557d8f6...0c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 05:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    091557d8f6e51a4079b52880c8313e0c.exe

  • Size

    6.6MB

  • MD5

    091557d8f6e51a4079b52880c8313e0c

  • SHA1

    9eb61812dbc7713ab6f55633f1291da05ff7f0b3

  • SHA256

    672cb887b64a007e4e7cd98d429960d15474328ff1b8369e0d98c65874eddc6d

  • SHA512

    6c9ef13dd8695b4c409e707f4842e68650fb253dd62ccc41cf7b1d721c66f7676fd9f34cc5b5435991993e2352d3ffdc634c137c15742b8456c01e73b87bb50d

  • SSDEEP

    196608:SYC4PmCsXDjDyf6L2WliXYrHW1LHMmpe:g4PmCEDVL2ciIrHWRHMg

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\091557d8f6e51a4079b52880c8313e0c.exe
    "C:\Users\Admin\AppData\Local\Temp\091557d8f6e51a4079b52880c8313e0c.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3060
    • C:\Users\Admin\AppData\Local\Temp\091557d8f6e51a4079b52880c8313e0c.exe
      "C:\Users\Admin\AppData\Local\Temp\091557d8f6e51a4079b52880c8313e0c.exe"
      2⤵
      • Loads dropped DLL
      PID:3028

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI30602\python39.dll
          Filesize

          385KB

          MD5

          4d7da19f299d81263fbf4eab7e82abd9

          SHA1

          eda52589b248c894c0804199c57883a45846e095

          SHA256

          5594a0c93ee126169f86a254a10c18e8eb728983b6f62b58d5928344da6386ee

          SHA512

          a8f7a038d43d503b41cd2a84e5b8d33f345f645dcb3c6d7806871caa1a1983dc16c6dbbe19f3bfbb857e9d45b9426677de7b1710aab762357eeb26b240183481

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI30602\python39.dll
          Filesize

          381KB

          MD5

          804fa3764817fca88862db5158414b93

          SHA1

          d0d7476547439428e0991edc150f74f130756aff

          SHA256

          1881f1b62003eda2fa04d0ef4b248690389bbddfa8967bbe75e4c27223773c78

          SHA512

          b708281fda7dfdb6d4c62b1c4c1bd89d886ff7adbe2732158a47887fccda3326043e79e6da24c73dcfe675a2810cc34a303bfe8250454a730617315961a0917b

          Download Submit