ac939deb44cbd4cb77fe9b85fab140422ea9c96320e688515d7238939b718ee9

Analysis

max time kernel
145s
max time network
78s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
02/01/2024, 18:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fenetre.exe
Size

13.5MB
MD5

d51d33eb0f0c0ecc8ec735f47e49c6bd
SHA1

37142899c322e98acee5ac5a4a84a669e8e3b22b
SHA256

ac939deb44cbd4cb77fe9b85fab140422ea9c96320e688515d7238939b718ee9
SHA512

a16de8e567f1e3dc564ec06fbcb0d3284b97ca289ed7144bfd31d9710d75a9127148a1a137b232d8627258ffd0905e7e47dba7ca5215d707f3a9a6374ba03628
SSDEEP

196608:uEoh5dQmR5dA6lsuErSEEJw/aq2c8Ft1L4iNxoFhnfQQJYS30W8/La9U4GmSlWX:fEdQ2ls+9Joaq2h4owBfQQehW83Qg

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 21 IoCs

pid	Process
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe
2560	fenetre.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 2044 wrote to memory of 2560	2044	fenetre.exe	93
PID 2044 wrote to memory of 2560	2044	fenetre.exe	93

C:\Users\Admin\AppData\Local\Temp\fenetre.exe
"C:\Users\Admin\AppData\Local\Temp\fenetre.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2044
- C:\Users\Admin\AppData\Local\Temp\fenetre.exe
  "C:\Users\Admin\AppData\Local\Temp\fenetre.exe"
  2⤵
  - Loads dropped DLL
  PID:2560

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI20442\VCRUNTIME140.dll

Filesize
106KB

MD5
870fea4e961e2fbd00110d3783e529be

SHA1
a948e65c6f73d7da4ffde4e8533c098a00cc7311

SHA256
76fdb83fde238226b5bebaf3392ee562e2cb7ca8d3ef75983bf5f9d6c7119644

SHA512
0b636a3cdefa343eb4cb228b391bb657b5b4c20df62889cd1be44c7bee94ffad6ec82dc4db79949edef576bff57867e0d084e0a597bf7bf5c8e4ed1268477e88

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20442\_ctypes.pyd

Filesize
120KB

MD5
df6be515e183a0e4dbe9cdda17836664

SHA1
a5e8796189631c1aaca6b1c40bc5a23eb20b85db

SHA256
af598ae52ddc6869f24d36a483b77988385a5bbbf4618b2e2630d89d10a107ee

SHA512
b3f23530de7386cc4dcf6ad39141240e56d36322e3d4041e40d69d80dd529d1f8ef5f65b55cdca9641e378603b5252acfe5d50f39f0c6032fd4c307f73ef9253

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20442\_socket.pyd

Filesize
76KB

MD5
0fc65ec300553d8070e6b44b9b23b8c0

SHA1
f8db6af578cf417cfcddb2ed798c571c1abd878f

SHA256
360744663fce8dec252abbda1168f470244fdb6da5740bb7ab3171e19106e63c

SHA512
cba375a815db973b4e8babda951d1a4ca90a976e9806e9a62520a0729937d25de8e600e79a7a638d77df7f47001d8f884e88ee4497bd1e05c1dae6fa67fb3dd8

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20442\_ssl.pyd

Filesize
155KB

MD5
93905020f4158c5119d16ee6792f8057

SHA1
eb613c31f26ed6d80681815193ffafdf30314a07

SHA256
d9cc4358d9351fed11eec03753a8fa8ed981a6c2246bbd7cb0b0a3472c09fdc4

SHA512
0de43b4fafdd39eaaff6cab613708d56b697c0c17505e4132d652fb3f878c2114f5e682745a41219193c75e783aede524685b77bd31620f8afe9c7b250f92609

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20442\base_library.zip

Filesize
1.4MB

MD5
66cb4694c2de62012270684367038b44

SHA1
fc50bda9a7224ae550406c9bb61e0e6e2c3ad657

SHA256
39c6be1e224ec326bde5b6cc7c044cb65aebde3a0d224b25b96bbb6b49c3c9e6

SHA512
b7f29aa2177f12d8c9d03a8f5856d76c1b2f14c59d0c61570252f074e4f6b5e4640e9b060748d471441f17d3f0e5fa916fd2240b16c49d8fdfc1e8356ed0280c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20442\libffi-8.dll

Filesize
37KB

MD5
d86a9d75380fab7640bb950aeb05e50e

SHA1
1c61aaf9022cd1f09a959f7b2a65fb1372d187d7

SHA256
68fba9dd89bfad35f8fd657b9af22a8aebda31bffda35058a7f5ae376136e89b

SHA512
18437e64061221be411a1587f634b4b8efa60e661dbc35fd96a6d0e7eff812752de0ada755c01f286efefc47fb5f2daf07953b4cfc4119121b6bee7756c88d0f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20442\libssl-1_1.dll

Filesize
382KB

MD5
8ff88c833ac086eecabbf0888409aee2

SHA1
e0aabc37942d66c2204946f357f6a63b9b274f0a

SHA256
6a01000dd93c6a50153a787295060b4d9cbfe55457a1fa414b16acf61ae58c85

SHA512
f7dc843fa92e00116e7f382df2b993f55f0193174296220663a1af409285ff8a6e49512a97c8d58a1c4b0d5bd1190c1a6b472772d4bd2017795be2dc2c7e9ba3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20442\python311.dll

Filesize
1024KB

MD5
e9bc2bcfe7826e7a786d76f8b46c4030

SHA1
993ebedc08d5421fbf841e87d5c1c34d87bb0c9c

SHA256
45e5f9f7cc635f71ee74b370bb2d1b87b1dbbb2ba3d4c80ada8935094253a89d

SHA512
9e9c7d37ed41300cb3c036fc2f563b10b0468a929c13a893cf79780320b139b715664ffc6350d29a4ba0c54c2eebde1551428beee2db22517d83ee0d3525e911

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20442\python311.dll

Filesize
382KB

MD5
0e45afd411cc2354953994d227205189

SHA1
2983b0a842e01bdd34d14c6cd5b67b8451b55f29

SHA256
d041c2886a3fdf84f135e822ea547e3a5f5b88069e9daada61acba7dcec20f7a

SHA512
b4be4842403ba2a8e3dab18ffbc0d39f2f613761ca2390d71bfcf43790c6529021b938c4fecd5312dfa2efa93ede157c0015ac649090045e9d23cbc513f111a7

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20442\select.pyd

Filesize
28KB

MD5
116335ebc419dd5224dd9a4f2a765467

SHA1
482ef3d79bfd6b6b737f8d546cd9f1812bd1663d

SHA256
813eede996fc08e1c9a6d45aaa4cbae1e82e781d69885680a358b4d818cfc0d4

SHA512
41dc7facab0757ed1e286ae8e41122e09738733ad110c2918f5e2120dfb0dbff0daefcad2bffd1715b15b44c861b1dd7fb0d514983db50ddc758f47c1b9b3bf3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20442\tinyaes.cp311-win_amd64.pyd

Filesize
29KB

MD5
f79827cc560c51e5d2bae9009f70384b

SHA1
e72773e5189c4f931b00d50429552291841a64c2

SHA256
50ef49badc6c6a212fe245fdfa07a5dc43f0bde01578a30733df27c294480ab0

SHA512
624715e1c0b37736fe871a540430e2a11866961da018de4d0551d95e669d069a7d50169a66d407825562746e6eedbf4174c9ad6b6b94522ca9086df93ba94a51

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads