d87c5a2a6756dbc08413254d283e17269b6ce007bd2836ab6288a6ae2c7144f2

Analysis

max time kernel
140s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
20-02-2024 20:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

denick.exe
Size

6.2MB
MD5

48c7f9194439e39004e1d7522d155e2e
SHA1

6d84d90b4352c1c90c4427b9f6219771b282d019
SHA256

d87c5a2a6756dbc08413254d283e17269b6ce007bd2836ab6288a6ae2c7144f2
SHA512

826d7fd1cb5d63c088a516eb629e962a6748339d1b57be8f089265ab8a7b7de3f8093477d56fd9ef6536cb8868f380294368176685948a5d0b4cc779a1b761c2
SSDEEP

196608:R9+wZjL2Vmd6+D3c/f/+ScEjU+f5D1kKne:GcL2Vmd6m3c/eMUQ5x5e

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 15 IoCs

pid	Process
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe
3944	denick.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 4776 wrote to memory of 3944	4776	denick.exe	85
PID 4776 wrote to memory of 3944	4776	denick.exe	85

C:\Users\Admin\AppData\Local\Temp\denick.exe
"C:\Users\Admin\AppData\Local\Temp\denick.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4776
- C:\Users\Admin\AppData\Local\Temp\denick.exe
  "C:\Users\Admin\AppData\Local\Temp\denick.exe"
  2⤵
  - Loads dropped DLL
  PID:3944

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI47762\VCRUNTIME140.dll

Filesize
96KB

MD5
f12681a472b9dd04a812e16096514974

SHA1
6fd102eb3e0b0e6eef08118d71f28702d1a9067c

SHA256
d66c3b47091ceb3f8d3cc165a43d285ae919211a0c0fcb74491ee574d8d464f8

SHA512
7d3accbf84de73fb0c5c0de812a9ed600d39cd7ed0f99527ca86a57ce63f48765a370e913e3a46ffc2ccd48ee07d823dafdd157710eef9e7cc1eb7505dc323a2

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\_bz2.pyd

Filesize
81KB

MD5
a4b636201605067b676cc43784ae5570

SHA1
e9f49d0fc75f25743d04ce23c496eb5f89e72a9a

SHA256
f178e29921c04fb68cc08b1e5d1181e5df8ce1de38a968778e27990f4a69973c

SHA512
02096bc36c7a9ecfa1712fe738b5ef8b78c6964e0e363136166657c153727b870a6a44c1e1ec9b81289d1aa0af9c85f1a37b95b667103edc2d3916280b6a9488

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\_ctypes.pyd

Filesize
119KB

MD5
87596db63925dbfe4d5f0f36394d7ab0

SHA1
ad1dd48bbc078fe0a2354c28cb33f92a7e64907e

SHA256
92d7954d9099762d81c1ae2836c11b6ba58c1883fde8eeefe387cc93f2f6afb4

SHA512
e6d63e6fe1c3bd79f1e39cb09b6f56589f0ee80fd4f4638002fe026752bfa65457982adbef13150fa2f36e68771262d9378971023e07a75d710026ed37e83d7b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\_hashlib.pyd

Filesize
60KB

MD5
49ce7a28e1c0eb65a9a583a6ba44fa3b

SHA1
dcfbee380e7d6c88128a807f381a831b6a752f10

SHA256
1be5cfd06a782b2ae8e4629d9d035cbc487074e8f63b9773c85e317be29c0430

SHA512
cf1f96d6d61ecb2997bb541e9eda7082ef4a445d3dd411ce6fd71b0dfe672f4dfaddf36ae0fb7d5f6d1345fbd90c19961a8f35328332cdaa232f322c0bf9a1f9

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\_lzma.pyd

Filesize
154KB

MD5
b5fbc034ad7c70a2ad1eb34d08b36cf8

SHA1
4efe3f21be36095673d949cceac928e11522b29c

SHA256
80a6ebe46f43ffa93bbdbfc83e67d6f44a44055de1439b06e4dd2983cb243df6

SHA512
e7185da748502b645030c96d3345d75814ba5fd95a997c2d1c923d981c44d5b90db64faf77ddbbdc805769af1bec37daf0ecee0930a248b67a1c2d92b59c250c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\_queue.pyd

Filesize
29KB

MD5
23f4becf6a1df36aee468bb0949ac2bc

SHA1
a0e027d79a281981f97343f2d0e7322b9fe9b441

SHA256
09c5faf270fd63bde6c45cc53b05160262c7ca47d4c37825ed3e15d479daee66

SHA512
3ee5b3b7583be1408c0e1e1c885512445a7e47a69ff874508e8f0a00a66a40a0e828ce33e6f30ddc3ac518d69e4bb96c8b36011fb4ededf9a9630ef98a14893b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\_socket.pyd

Filesize
75KB

MD5
e137df498c120d6ac64ea1281bcab600

SHA1
b515e09868e9023d43991a05c113b2b662183cfe

SHA256
8046bf64e463d5aa38d13525891156131cf997c2e6cdf47527bc352f00f5c90a

SHA512
cc2772d282b81873aa7c5cba5939d232cceb6be0908b211edb18c25a17cbdb5072f102c0d6b7bc9b6b2f1f787b56ab1bc9be731bb9e98885c17e26a09c2beb90

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\_ssl.pyd

Filesize
59KB

MD5
b955a6f16e42ae5eb52ac1cee84fac44

SHA1
b1383e8e73e539e2ff8668821cda00c03cb7900b

SHA256
cb0d29dc46bc0b18a73c1a980ffb46424931f28fd8a3928f9c306adb6bce1f1b

SHA512
72efb3dff18fa9a78da1f23573ddf96769682c54fdf68f6e3898fa08a60140fc942164e78cb785980fb716335f1385b2890f60f63dc7488be3d8bd53d18dba92

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\_ssl.pyd

Filesize
72KB

MD5
c13bb347087b85aa696e5a8c2685cf0b

SHA1
a39157f002e5e41aeba55e5e0cc300caaefc16a9

SHA256
3889be6070f74a9e9a4292958b2025edf0c0e988c09838dda295d7490663b5ba

SHA512
89cefe63f12592f0161ad6fe96081be41d32dad1a74c1563ede643bc9250fa941ea172ed542a922ea894daa9cf744c86af8fdb05e82cd5a70179dea297308d19

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\base_library.zip

Filesize
561KB

MD5
018fc1212b8fd85d75c38a8a04844daa

SHA1
70390347aefd495b7bc9ecd24e709dc61e09e1c0

SHA256
6e5274050493da79fd4f985c8c27cf012acab7b24b3740a15d38427cae2fa6ec

SHA512
f6c1002c7e80e7a03101ad3f64ef3a44e7e1ff1916a474d40ac5d1b579fd7bf9de6208a438146abde3cc9fff3a493b2358551098de843ecfc584782d1958a87a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\certifi\cacert.pem

Filesize
279KB

MD5
7adbcc03e8c4f261c08db67930ec6fdd

SHA1
edc6158964acc5999ed5413575dd9a650a6bcdb2

SHA256
de5f02716b7fa8be36d37d2b1a2783dd22ee7c80855f46d8b4684397f11754f2

SHA512
58299ed51d66a801e2927d13c4304b7020eac80982559c7b898c46909d0bc902eb13fea501bd600c8c19739736289342bae227510c85702b7f04bd80d5a9c723

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\libcrypto-1_1.dll

Filesize
169KB

MD5
d4641d24bc1ff204759850446d5f0605

SHA1
4c877ef9c70f63b85584d6653da2f91d1bff9611

SHA256
24005a546108bd5523750dbc10a736ca0670f24bbd4552cbadb59b619abaf422

SHA512
951ff667bc319f997b04c3eb1800c9fc684b9cf0ae37c637f8357d46a00d28a00e5627b2a5e8af9c993139501395551e3f77312ef5c2e96266145667e3fecb1e

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\libcrypto-1_1.dll

Filesize
625KB

MD5
4a0cb7d2a9c771ead75f820ade522c3e

SHA1
bb205bdd2c1c30263d656ddc2862c694954c7540

SHA256
a3d709058985e9d452d9a22510202a6c4879538cc1f186403ec370520ddc1079

SHA512
20c93e29b99003d77ab7297da042c31d9e6de1d328462397826636e93f07496aa735057d8dca4d7b5c12d39c7ac9a92b35711b60dcad5d78e4df2545176d6ec3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\libcrypto-1_1.dll

Filesize
434KB

MD5
2942fae9f77a846d227e97226b8dd2b1

SHA1
4517f6fc0327352788b004ca3373b7ff3e028733

SHA256
a34c1c7f3698a59f53a6b69dbffb5e05252954ec2a26661a6f6546d4d378f928

SHA512
0e4bdfe0cfa59f1e2c0e56809ca932cd835bd9b1c1426a3f0e14b7a35d5aad0a3f39de6eafb569056442fbc460e4812f2ea4d263c1849008cf7d960e29d5d2aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\libffi-7.dll

Filesize
32KB

MD5
eef7981412be8ea459064d3090f4b3aa

SHA1
c60da4830ce27afc234b3c3014c583f7f0a5a925

SHA256
f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

SHA512
dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\libssl-1_1.dll

Filesize
56KB

MD5
50f87dcb545ad25d6e12b553f51c96c6

SHA1
f072b66327bf1f5fd2e0a1281cb9ff029421e974

SHA256
7eba94a224be71d2cbf3d9dc3703693957f66b82ea5e76f5475f42c0516aed68

SHA512
8ea672e28ecfa4cf993a49391c05a76908cffca911dcd391cc51650c5af8bc59b394ee218cd1006a7ca2632f0b2a8ec6d7c9e84b6d8f5b311cb0f75eca32f0d0

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\libssl-1_1.dll

Filesize
45KB

MD5
e3de09e2f926d737cbb567e9fde2e9ef

SHA1
9ba567980f0e31dbda42d24bce8dd353d537a27c

SHA256
5017193dca4b6086786b59339af8b6670cb4a0fae1ea2f0366eeff2472fa781b

SHA512
a10b0e3c698919364c1b97f9a306cd2ea6708f9daeeadde26bddfac974f41b35bbf802c88bc04ad364acfcacba4dae6cecf7ed4913d36019d7b62c597331b863

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\python310.dll

Filesize
267KB

MD5
10f8517684d479ce7d531f18551581ab

SHA1
dead091ba0351bb4605a07002621cf693f645106

SHA256
6b44c61ffb61ee683486742042d5bceab3a5cdb4529aebf7345aac2f6af3efb4

SHA512
c09561820c8498fcbd65adfc5d71f55f322b4728d7aa41d24e4b63db7bff0804b619dfa695c1c216579414131d00b93082a9cdc802409525f5472fd6daccd135

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\python310.dll

Filesize
426KB

MD5
fc8e98e794537cf1ef268e8c2dbca908

SHA1
9f4b3c796904dd7f7f6133d5d4fc0bfd6b425986

SHA256
3872df49b5b083c7222b898e46e55aa2648cdd5c0a4854189f49bedac9fe92c9

SHA512
8d95b93ecb3b470862486a81973171f541c5628d42ec360e692442a4d05999d2426dab76c3425bb2ab29cf84946a7ee91a2acc899a5c4bed6b4fdb876cd8f9d8

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\select.pyd

Filesize
28KB

MD5
adc412384b7e1254d11e62e451def8e9

SHA1
04e6dff4a65234406b9bc9d9f2dcfe8e30481829

SHA256
68b80009ab656ffe811d680585fac3d4f9c1b45f29d48c67ea2b3580ec4d86a1

SHA512
f250f1236882668b2686bd42e1c334c60da7abec3a208ebebdee84a74d7c4c6b1bc79eed7241bc7012e4ef70a6651a32aa00e32a83f402475b479633581e0b07

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\unicodedata.pyd

Filesize
240KB

MD5
7ce82e693a81f3b1f1e68e438f87823b

SHA1
e2c6a663d7408e413f6cf5b0c9fc7fb4126b24e5

SHA256
1e967cda08ca6b1ddc5f648eda7ac73c9aebcf57e2aed56480e990071bb4e6f5

SHA512
cdfa533ae5f44fa1575d0ddfc4b77976e647d8b8d8e2e1b8baa2e1fdb0910c11c162fd17879f72514a4000288384f4ef340b7a87265f4531b55f6deb554885f9

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI47762\unicodedata.pyd

Filesize
467KB

MD5
28c159b510a85a8c218cdec1aef0df5b

SHA1
34394fa8a72d41787dd3ba6d6cfc80bd39694d27

SHA256
2483da31ac6b7f3ab147a8435adb975dbdd7d95f4a35649fb3c3ebd3c52e9480

SHA512
f8135133782c7c93a737e183bbb4bcb308c75c19ea27f5c932cef2753e83d4a7255f585c0bc3d081be1c7179304798492ecc7b278798a0d72a2d87a083b34a3f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads