Overview

overview

10

Static

static

10

Crealexe.exe

windows7-x64

7

Crealexe.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    07-01-2024 19:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Crealexe.exe

  • Size

    7.2MB

  • MD5

    cd3df7cb617987725f0435887c0bbd05

  • SHA1

    2a95ff3dcf528d0a521c05db40e5a43ad70b5986

  • SHA256

    0e201afd9ce90d9a171cf3eeb999c36f38490c3a85e1d0349a8f18adaa0e72a7

  • SHA512

    c69dca39f0902f9d30bc2b49fac35aee81df4f7ede997942cd877070a01dd8265ea0925af97247cb8906dbd7293119d7257ca74fab2e8edaf0702ce3e26ee57d

  • SSDEEP

    196608:c3CT+aj1rpnrJehwiIbZg4TIdQNm5XKCt7oOGJwDb2:sCT+aoqbCdQyftfGJwDb2

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Crealexe.exe
    "C:\Users\Admin\AppData\Local\Temp\Crealexe.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2540
    • C:\Users\Admin\AppData\Local\Temp\Crealexe.exe
      "C:\Users\Admin\AppData\Local\Temp\Crealexe.exe"
      2⤵
      • Loads dropped DLL
      PID:2708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI25402\python310.dll
    Filesize

    243KB

    MD5

    b23a8449c6d6fa516a1491cccdad5a7a

    SHA1

    45793e0fd7e28789cf878525f8a15c1775a7b01f

    SHA256

    d4502a6a76b8c9ddf12bf6a3716ac9331a1c0ba56d9d037d22b3e05258cd94b6

    SHA512

    2225fdf6f984b86f4b983203d010fa6461911418aecad9b7988179ffa1c79e631ebdb79a120d290c8ac33455b0a5f72c14062165f11c12c1bc83e431dc6cc02e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI25402\python310.dll
    Filesize

    3.3MB

    MD5

    07cd192b604ee8e8bbd7fa9f843459dc

    SHA1

    835ff5ae8d4d769c4bea190f47f0cb6f5c7d4028

    SHA256

    08a3a6590032ee175ec3445545879b78205c472e2059f3a9d6f61884b958c2dc

    SHA512

    dfcad72410e914d87030a44934481ff53805d47bc5bc0e153acb72e97c0a8dcfcc6d98ea6339434f9f990973dfc4b2861de7a71d7b695c2a4017b2845db8b078

    Download Submit