Overview

overview

7

Static

static

3

3Tool.exe

windows7-x64

7

3Tool.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    33s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    03/02/2024, 13:51

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3Tool.exe

  • Size

    18.1MB

  • MD5

    c6da3c784be40f2f0aef4b4692f597be

  • SHA1

    df233a8e060e7e1dcbea8e5b61a42f4574efa121

  • SHA256

    8344b9bb3c3c88b7fd05bd8dbe0e491f5df04ee075346f7ca08bbdb5334ce7f6

  • SHA512

    3598809a4542eee582b1dc5667244822682e8ac2fb3e12e4b27c4186ce67317e6454ee1efc566c6e6b0e2392a5f6ec8c56fb3a4410f524556241976aacddfae6

  • SSDEEP

    393216:bu7L/sQtsTTk5XxHk3meBcGfd0vYMPA8luZ2HrgXOEzmJY:bCL0Qts/2NaT5F0vYBsuW/X

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3Tool.exe
    "C:\Users\Admin\AppData\Local\Temp\3Tool.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1232
    • C:\Users\Admin\AppData\Local\Temp\3Tool.exe
      "C:\Users\Admin\AppData\Local\Temp\3Tool.exe"
      2⤵
      • Loads dropped DLL
      PID:276

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI12322\api-ms-win-core-file-l1-2-0.dll
          Filesize

          14KB

          MD5

          2d392251a80fd6debcb0ea6fe72be122

          SHA1

          c4e618872dd98d97cfd9e537e56ecbb512599855

          SHA256

          e012521a03fb1455e8537bbd91bd0ae0cc3b8ef0fa0262be461922c08ead8159

          SHA512

          6d907569581c4f0586c9199de1e2369af02f64dffb36cbba76ba8b26dcaab7a0ca8f5a003c0032a06532a064291afaca456e71277e4ef63e639aef8ff4f50ce1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI12322\api-ms-win-core-file-l2-1-0.dll
          Filesize

          14KB

          MD5

          2b59a0d1572d646cee7b033b7b599153

          SHA1

          88bf2c4f9544c164023ebabe68ba2489c00d514a

          SHA256

          d2488736299d2089383ac5a52b42a590d92430e1c4b28761d8991c33918aa6ee

          SHA512

          945883502cca4f8352374ffdd4d8967b168f91b19f917986feb1ae6c605787ab732fd875d5b3e6690c5e5dfe02c9637ed7febd65ac93bdbcfa9ba83573fff833

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI12322\api-ms-win-core-localization-l1-2-0.dll
          Filesize

          17KB

          MD5

          8069b4e93f64080e0f69e39babe659df

          SHA1

          790eca13741e7f013fc25d28d4a17774f1e4c639

          SHA256

          5bd225745b8fdaf73d058661b8a4be5fb7672328ee2b3e4915692eec931aeaa4

          SHA512

          33a2cd43f5a22653c5386cfcd71396eb1127c7569b42580a7526823b04d253e9ba02ae604903bb373a67f3bcf208041b62b402d00dcf40c5ad5a478b41909430

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI12322\api-ms-win-core-processthreads-l1-1-1.dll
          Filesize

          15KB

          MD5

          e1905f756f24ffd5adfde728e8deef0e

          SHA1

          37d3fb2bc0ea7c5754c6231b2b5304e0e1c32d7f

          SHA256

          5a56b78520e5b438b003312356dca1c2c10febcc17dd01c37ebe0735111c5cd0

          SHA512

          6b0786084f46766bbfbcf1cc20944f4be1d1e2f64cb5a96e824d9cde96123e8e44bf521d842292d0297ce9c90eb5c33e5ec5ca58d61a5d59d5fa4a619cb4b8a9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI12322\api-ms-win-core-timezone-l1-1-0.dll
          Filesize

          14KB

          MD5

          13e8e35d4ad0f2ce91809424bb7f08c1

          SHA1

          57bbfb38909735285a173a02cf9d65f8b9008c01

          SHA256

          64dfad5bbee56c7cf22a5a9d16f2d97e2b856504fcc2d32e97a315403f8114a8

          SHA512

          cd13412852efd214ede0ba75f4a29347e8b1b68d883bc45b64e99cdc2992196877e53b107ccb3869ca39e75fb3f98519374413abdca8eaee324b869dd36d4107

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI12322\python311.dll
          Filesize

          5.5MB

          MD5

          58e01abc9c9b5c885635180ed104fe95

          SHA1

          1c2f7216b125539d63bd111a7aba615c69deb8ba

          SHA256

          de1b95d2e951fc048c84684bc7df4346138910544ee335b61fc8e65f360c3837

          SHA512

          cd32c77191309d99aeed47699501b357b35669123f0dd70ed97c3791a009d1855ab27162db24a4bd9e719b68ee3b0539ee6db88e71abb9a2d4d629f87bc2c081

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI12322\ucrtbase.dll
          Filesize

          964KB

          MD5

          cd39b013c2fdc4fce29299b76c1160fe

          SHA1

          403992e25ec2bc871d4bab918242d3d7be6b281f

          SHA256

          29a166a9cfb96effd434ab43eacc3059b24cb634b03da5f7325e5e87666a504d

          SHA512

          011f229591dfeb58de925a6258f0526162765aa150d13113dbc51b877f281b286f6fdb97d72a41347dab321676724a471cd82b349baabfe57f15f666f0d2a860

          Download Submit