454e76c0b3e6dca14e315112f858187d62ff14c10dc257f521b9ebea51aa66f5

Resubmissions

01-02-2024 09:35

240201-lkpy9sbeeq 7

01-02-2024 09:12

240201-k6dyfsagem 7

Analysis

max time kernel
120s
max time network
133s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
01-02-2024 09:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

main.exe
Size

109.0MB
MD5

15c1cc5a33a78b42c1c71a66a18e9a31
SHA1

e761cfe958121fd7632df20832cbccc7443203f8
SHA256

454e76c0b3e6dca14e315112f858187d62ff14c10dc257f521b9ebea51aa66f5
SHA512

066d08996329be36ca4f15371d955ed22ad399ff4bdc9efd6cb060f55ef8ae95ee1317dc1066b5133c8aa3834053525c1a352f89f7157b35def13fc4bae73880
SSDEEP

3145728:NapkKOt/VG6RmtCRlGPrhX2qHO5iqIkFqPYNO5iIW+3ZYfi4v2XVidWt:YpkKq5mERlul1HCizkFtCmfi4v2XViM

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 7 IoCs

pid	Process
1716	main.exe
1716	main.exe
1716	main.exe
1716	main.exe
1716	main.exe
1716	main.exe
1716	main.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2644 wrote to memory of 1716	2644	main.exe	28
PID 2644 wrote to memory of 1716	2644	main.exe	28
PID 2644 wrote to memory of 1716	2644	main.exe	28

C:\Users\Admin\AppData\Local\Temp\main.exe
"C:\Users\Admin\AppData\Local\Temp\main.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2644
- C:\Users\Admin\AppData\Local\Temp\main.exe
  "C:\Users\Admin\AppData\Local\Temp\main.exe"
  2⤵
  - Loads dropped DLL
  PID:1716

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI26442\python311.dll

Filesize
5.5MB

MD5
e2bd5ae53427f193b42d64b8e9bf1943

SHA1
7c317aad8e2b24c08d3b8b3fba16dd537411727f

SHA256
c4844b05e3a936b130adedb854d3c04d49ee54edb43e9d36f8c4ae94ccb78400

SHA512
ae23a6707e539c619fd5c5b4fc6e4734edc91f89ebe024d25ff2a70168da6105ac0bd47cf6bf3715af6411963caf0acbb4632464e1619ca6361abf53adfe7036

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI26442\ucrtbase.dll

Filesize
987KB

MD5
ba47193f6c9f09be5dab0030cb08012e

SHA1
e0c4dd352b765f5ca9183aa4d97e3a09683561bb

SHA256
10beae29b2594a3b494652fb0d1786a572e04043e5c4c64b861fa8db58bbb6bd

SHA512
623846c54dc31fe51b7d62bed1aa75c229f16675b7adb7af01c7010e91df08049b2b36df0b0d18d78d7d1b884b4a75f7edc979849690adc15f541997137acbb8

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI26442\api-ms-win-core-file-l1-2-0.dll

Filesize
13KB

MD5
f5d919527b33c017f456db57c6ae63a8

SHA1
6d1477cad61b216d4d06c4f68aeef1bef6215a0a

SHA256
dd7c7cde296ff3a71082ca319604b524a31c870d258162bd091a91e913a8aa1e

SHA512
a72ac92d70dfacaf29b600c1d50b4e4e9f5ecb2e9e79b6dd74bf3ce3853b794845ce586ae1a0dffc950c242b0a7a07c5c826e517174583e66c619280ac4e122b

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI26442\api-ms-win-core-file-l2-1-0.dll

Filesize
13KB

MD5
138640416350ac751cb0c0bb59691cf7

SHA1
a128b098c533162937b438440a70700904a13be5

SHA256
652727d5edb7ae030d1c3b5cd4cde5cdbb70ee335944ae83236ade93aec2fe82

SHA512
e392ac38f91d3a3d6623aee03e9b29cb09968461cf3b4a4221cc8bea3f16f6ac9e4f14d6314ff01fd7c6cabef47407105024b42141e3d01a84c3c0f3283e8e52

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI26442\api-ms-win-core-localization-l1-2-0.dll

Filesize
15KB

MD5
a0b74d7e28eed8a3ab803a10ad52f092

SHA1
bb40356ef3e551e7eeee155382f5a1598404a035

SHA256
38db7e69b31bd2774dca86e7b48d148ec277bd14e7cd4858fb3d14535804228e

SHA512
b07f680b97133458b0596c858f7f3c61cff6377b543d2d6834c47c30abceba000e9bdde01387bd30bae38a637f529f8197a57dadafe94a214eb89a86907d2ea9

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI26442\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
13KB

MD5
de533ecdb82fb85d431ad52ab3dab24b

SHA1
a593d38476f06b3eaace092eb42df82cfc55fb27

SHA256
2a573b3ae40850ddde09ffd19d66b089c93774641c195aeee5f934ddb0f17a02

SHA512
60be444cc47ce5ad041e40b166ffbe7e525c3f3dc2d49c0e28e8a678ed012230d0606cd29aca8c079c2de7dc0461b7ee1948f6f35ae81e4ac8a93f34ed52a09d

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI26442\api-ms-win-core-timezone-l1-1-0.dll

Filesize
13KB

MD5
7a93bd6b9d7ae56c4a78eb64509bdb79

SHA1
f399e0a84070a22a469f38a24188d88caca77102

SHA256
4e842ec8e3461c69db3d76a889f8aece8ce5144c27790af24a70e4b4c8f79bcb

SHA512
62ff91b6231a6603802e00cd1b3d2895b52ba704f9afed148cc6585c7c039a3176da6e584ae458d103c4f3f1703ce4976e67f353a9e452734695609d9d33603e

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads