Overview

overview

10

Static

static

10

Mined.exe

windows7-x64

7

Mined.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    837s
  • max time network
    838s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    04-02-2024 17:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Mined.exe

  • Size

    7.4MB

  • MD5

    cd56d1639c638ef44a1cbcf6756ef2ba

  • SHA1

    784970f33b026fe770d8c0f8938d17b26c428327

  • SHA256

    79041d419f813d07403d5ea0e190c09f63c0e9339bcf225b4588388de34aaa88

  • SHA512

    c00a3be6d4cbc672b4fe3b4afb5072832a870c99d795656380e23d33e9b7b45f2d0851ba86e1d35fe502af2d001cf13e13ff6d431349dc166cfbdcc54bb19b39

  • SSDEEP

    196608:qw0cDemLjv+bhqNVoBKUh8mz4Iv9Pmu1D7wJo:SieaL+9qz8/b4IsuRmo

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Mined.exe
    "C:\Users\Admin\AppData\Local\Temp\Mined.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1044
    • C:\Users\Admin\AppData\Local\Temp\Mined.exe
      "C:\Users\Admin\AppData\Local\Temp\Mined.exe"
      2⤵
      • Loads dropped DLL
      PID:812

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI10442\python311.dll
    Filesize

    1.5MB

    MD5

    619401fee53ffc3d19a7483a24a8620f

    SHA1

    59dc46cf0b5333144da439afedf50aac683da298

    SHA256

    9a2effe5750e752ccee707377d2a01fb4bd5480e66358ff60f74ee6245e8c853

    SHA512

    4493875e83a26a7be86e41309157aaff3d30e7c0c07f4f02299752ccecfdf4f0c3cf64533872916d87c9b450925fa1819376e98029b5984dcf1434c58a7214e4

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI10442\python311.dll
    Filesize

    485KB

    MD5

    86321ff20feb93fcf5b6ca2fb141edec

    SHA1

    89e6ca4e12de0e56728463f8cee135ab0b7ec042

    SHA256

    e8b42b437d656b4c5538dc9bd7e4bc69501584f0da2a40f85a2395fd3c2aabfe

    SHA512

    a4a7af3105a8e154c72447f2b3d4a5a59182a190a1b748df4561bae886c639d07d903021e7d263a237ff5f5e2f84031493abca78559d3ab39325eb5c9af6010e

    Download Submit

  • memory/812-23-0x000007FEF5F50000-0x000007FEF6539000-memory.dmp

    Filesize

    5.9MB

    Download