Overview

overview

10

Static

static

10

yeno assist.exe

windows7-x64

7

yeno assist.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    07-02-2024 21:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    yeno assist.exe

  • Size

    13.2MB

  • MD5

    9bb8716c630c824e776fedf1d0d876f6

  • SHA1

    e57c91850425b04c38e48bd1d05846db2c0ff9b9

  • SHA256

    292468b8c0085a821e1546c601f41ff55505af5b5ecf09383964e8a558ac6d51

  • SHA512

    dd492a937b5e5391446b8220621b5be7f3b4295264e7a6c8f3caf24d3d58511244c0e52722b67e33992185963940c5c924874b6566adc9fb96546fcb7eec615a

  • SSDEEP

    393216:DEkMD2nwW+eGQRIMTozGxu8C0ibfz6e57Q1bmXiWCUI:DUDawW+e5R5oztZ026e5uFVUI

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\yeno assist.exe
    "C:\Users\Admin\AppData\Local\Temp\yeno assist.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2964
    • C:\Users\Admin\AppData\Local\Temp\yeno assist.exe
      "C:\Users\Admin\AppData\Local\Temp\yeno assist.exe"
      2⤵
      • Loads dropped DLL
      PID:2580
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:2828

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\_MEI29642\python312.dll
      Filesize

      448KB

      MD5

      8351ea1c7385ad9df7a87e2519fc9cfd

      SHA1

      c3cc67d03be86a469fe7f853fa6fd9718b3195cd

      SHA256

      df757f0b39027f7f8fa46c4e453cd6967ee0d72f431c9bb5d05b3d6db9ab3c87

      SHA512

      e5d97c1e89b98619f388019a28d4ed45306e40f6118d9782c39ed0dde46f9bc4b39afd2a7276317f7e1e86fe74c82bf27bf7eae71a9168f96c27a7de220bd3ae

      Download Submit

    • \Users\Admin\AppData\Local\Temp\_MEI29642\python312.dll
      Filesize

      547KB

      MD5

      9b3fcac12b35c444debfa50de19770b4

      SHA1

      1c3a5ea48c1ec31a314fc2252d67ef18f938ac54

      SHA256

      4ee2bcd25db0b28922f47f4c360f73efbb0e00baf2c1c205e05cb8e4861ad418

      SHA512

      0b1d178fb8e14fc9e23aaa9821d8506246fb9f90a06a82efaebc5b230052dab55a5b7b08a25df8f76d04cef7065938113dcf7cd5d8e296ec4c1e30a14501a58b

      Download Submit