Overview

overview

10

Static

static

10

Unban.exe

windows7-x64

7

Unban.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    14-01-2024 12:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Unban.exe

  • Size

    15.8MB

  • MD5

    8575bf542cb7ea7b24c262cbad6236bc

  • SHA1

    503b6f7ca3e41c4c25de0f53ef9848e9ccb7a333

  • SHA256

    7c443e4eb98e13875771d1b77dafd45ca3079a32a917d571fffb4d60f23d797f

  • SHA512

    3f5333859a685d9fcf7c016abe749784052008238a6bcc6084bf29dbd7057c9aa9cf89757add09f015cfb73fc9a8d588295c617979295cc827c636c6aa465a9f

  • SSDEEP

    393216:WiIE7YoSDBntpUTLfhJsW+eGQRCMTozGxu8C0ibfz6e57v0b8X6Wkg0:X7rSDJHUTLJSW+e5RLoztZ026e5IbLg0

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Unban.exe
    "C:\Users\Admin\AppData\Local\Temp\Unban.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Users\Admin\AppData\Local\Temp\Unban.exe
      "C:\Users\Admin\AppData\Local\Temp\Unban.exe"
      2⤵
      • Loads dropped DLL
      PID:2636

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22202\python312.dll
    Filesize

    2.7MB

    MD5

    f4d3dd85d3a313c23f5275edcbc586e4

    SHA1

    dbccead9beb4dfeaabf2217e96577e0dd435edac

    SHA256

    4232d30a4f7d0e5e86deac89a5a9f298ad2a7ae9dd84cd7768514bdd96436e3f

    SHA512

    972cb4045b4e82cd917995133e7ee27ddf3628864935ef9c7384fde3e94eb4eaedbc967fa7c91d57e24e2e07619c73dec466c9a2d6d534a3fd7f1ef2aae5645e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI22202\python312.dll
    Filesize

    2.9MB

    MD5

    d3c9aca981b79f48483dc3f7161101b4

    SHA1

    df29c03491ef8952dd71581cb39af5ce9021b120

    SHA256

    f6854a0040d41830052a6a29b98ad1f2151a760551de0edf069575a4e19b8c0a

    SHA512

    dc7211bf850224d086e206564a2e6c0dd61763dba457e2567dcda2e41cb84a1ba5feadd671a9e3c9765304be5c555e7f805168fede8e4af9338fa8c143f2e518

    Download Submit