Overview

overview

7

Static

static

3

fight.exe

windows7-x64

7

fight.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10/01/2024, 17:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fight.exe

  • Size

    7.2MB

  • MD5

    6591fefcbed30d5b1d07004911b42f3e

  • SHA1

    265cb9668a746293dfc4156005d3865728966564

  • SHA256

    66e8cd483fecac0f1cb9ab74cad35ae7c4993b7621c5afedf55801796d1706fc

  • SHA512

    41f908619deddbcd5d4d4708db1e8dace048f1340d542c0c2677aa62fc030e44038a2addacaf8900102bd95aefad95d3435360d056db5a18d7fee82a59f51798

  • SSDEEP

    196608:xSoP1HdXfZ8bnti7tbYPvbJQlHHbTvN8CbpYC:rP1JR8JCkJQlbTjL

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 14 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fight.exe
    "C:\Users\Admin\AppData\Local\Temp\fight.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2072
    • C:\Users\Admin\AppData\Local\Temp\fight.exe
      "C:\Users\Admin\AppData\Local\Temp\fight.exe"
      2⤵
      • Loads dropped DLL
      • Suspicious use of AdjustPrivilegeToken
      PID:1576

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI20722\_ctypes.pyd
          Filesize

          102KB

          MD5

          10861d3fa19d7dc3b41eb6f837340782

          SHA1

          b258d223b444ab994ec2fec95acaa9f82dc3938c

          SHA256

          6255bab0b7f3e2209a9c8b89a3e1ec1bbc7a29849a18e70c0cf582a63c90bed1

          SHA512

          ec83134c9bce9cedeee8ebdb8e382fb7f944a7bc9d3bb47c7e3144ef2ef95114a36ac1cc8c0d52f434ee4c359d938a2d7c035e699c4407df728e200de7da4af9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI20722\_hashlib.pyd
          Filesize

          31KB

          MD5

          4f51ed287bbae386090a9bcc3531b2b8

          SHA1

          26bd991ae8c86b6535bb618c2d20069f6d98e446

          SHA256

          5b6da4b43c258b459159c4fbc7ad3521b387c377c058fe77ad74ba000606d72e

          SHA512

          2eb2ccd8e9c333b5179cf8f9fd8520cb3d025e23a10dca3922e28521cfb9a38f9dd95f5d4f2784643eed08925d9008e5238ff9f93bdd39ee55414131186edff8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI20722\base_library.zip
          Filesize

          1000KB

          MD5

          90c0898cd529e19ba0c800d0e1f42a2a

          SHA1

          35882c9e2519be24ad4625031c942722946e791e

          SHA256

          980eab75d2e03b71fa4327da3a3126ad6980ff60a5cf9ad2b96ce06ad15ae3bd

          SHA512

          3527929f185b4a044d925c8cca0fc028d470c48756623762722bce483f9b9541d073bee69529c5b4c7b0b9e3b81307fa3afd0a7a4d9df60f93c66b85af6cce46

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI20722\python37.dll
          Filesize

          1.2MB

          MD5

          4721eb4232baf13a1965b119338f7dab

          SHA1

          f2e53575b9718bc78974dc3b9cf48bb66ac46ae2

          SHA256

          6efa1dd84aafb0529935b478acac21695597bc1f4887058afef2355513aeb450

          SHA512

          df2337f8d9a882732e0f91f438b03bd20c0e4587205ebd2309457309a4876b0a5600465807c0aa04cc0713e27214d5ed842563f755fe8d1ea57b5a5a69d39a67

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI20722\tcl\encoding\cp1252.enc
          Filesize

          1KB

          MD5

          5900f51fd8b5ff75e65594eb7dd50533

          SHA1

          2e21300e0bc8a847d0423671b08d3c65761ee172

          SHA256

          14df3ae30e81e7620be6bbb7a9e42083af1ae04d94cf1203565f8a3c0542ace0

          SHA512

          ea0455ff4cd5c0d4afb5e79b671565c2aede2857d534e1371f0c10c299c74cb4ad113d56025f58b8ae9e88e2862f0864a4836fed236f5730360b2223fde479dc

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI20722\VCRUNTIME140.dll
          Filesize

          81KB

          MD5

          aeab74db6bc6c914997f1a8a9ff013ec

          SHA1

          6b717f23227d158d6aa566498c438b8f305a29b5

          SHA256

          18ccb2dd8af853f4e6221bb5513e3154ef67ae61cee6ec319a8a97615987dc4b

          SHA512

          a2832b7720599361e2537f79a2597acb1a2d5633fdfe20a0d1075e9457683fdb1d5676d121c0bf1a825ff99512dcd924254f1151b50aae922acc0cc10f461036

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI20722\_ctypes.pyd
          Filesize

          4KB

          MD5

          8991adf1ae8482c6f3c86db1b3f7008b

          SHA1

          4e4669f387a4e9ef18f0c3f549131b95283bb6bd

          SHA256

          471547ab92777645efe0d396a8b741618c5b2a08aab6756e1a064afa234e457f

          SHA512

          de7dd76987358967678763f4c4c72b68e083b6f1a0e6d2fa7963be1772026e4db1c0c5648b40e3ef2e8444bff3aa7a9af17c99389fd04164779e35af5fb9a619

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI20722\_tkinter.pyd
          Filesize

          52KB

          MD5

          d8bef3883f3e58c6257c43b059f652b0

          SHA1

          50aa092861b518fec5effe3d1d3fd37fdd2ceb9e

          SHA256

          80bfb1a85f5de28b084dec0a6ff3b89c90fe68979e863ed0c52397c77b6e6a20

          SHA512

          b7bd89bb112dfc598af346a017662bde854f7a214b8681bd113212fc922069ff5b37238a89c734c0edb994a2a9f3720e346c5fe7b7b174798769ff7412f991bd

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI20722\python37.dll
          Filesize

          1.4MB

          MD5

          49705ba73e822f923e3ccbd600e98a83

          SHA1

          62ad66aea00d2eccb45ece77026c2de8b15821c3

          SHA256

          618fce58e3dbe9d51a4abf6c937b13e8d600bd7c87ca3593cd206ad77762567a

          SHA512

          7edfe38212803e9bfde3530e7902524c38e2b751f97d40b42bf0463e7a5d150592f1115e2b7a32c3c70be8b2249649e79dfbf7b63bfdb86cc03307bb440bda9e

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI20722\tcl86t.dll
          Filesize

          218KB

          MD5

          0bd33185cc2d8a94acbc580088d3d34e

          SHA1

          91db16c8b2e21cd27d9fae8923e9d356adbab4e4

          SHA256

          d6a01c37d00ae85189441b3ba08345cba33d7e7e39428df6d15ca26b7682871b

          SHA512

          012c8cff86d24ac017f31a0439f31dd6de9f55fb57867b25e38e96e8728eabdb0f5e38b3e594675821407882b3f7b967a36303b3eb6b56d12cc87cd02e194bad

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI20722\tk86t.dll
          Filesize

          30KB

          MD5

          62166116248cabed28b465ac95d67ad6

          SHA1

          486fa79919c6aec76b97cd0a3ecc275032f9a99f

          SHA256

          93f5bd7c10d968208e7dd4b31dcaf9744f95be898f3229d5b42f162e2658ba80

          SHA512

          d7b4cebd8645b2813e617706d7b2af8f62e7507468e315682c5b999f4d456116cf35cb8c3f27f02b0ddad151f9b849caa808c1fe34658278e699bea17fbb2544

          Download Submit