Overview

overview

7

Static

static

3

Flaggex_V1.4.rar

windows7-x64

7

Flaggex_V1.4.rar

windows10-2004-x64

7

Flaggex V1...ex.exe

windows7-x64

7

Flaggex V1...ex.exe

windows10-2004-x64

7

flaggex.pyc

windows7-x64

3

flaggex.pyc

windows10-2004-x64

3

Flaggex V1...ig.txt

windows7-x64

1

Flaggex V1...ig.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22-02-2024 17:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Flaggex V1.3/Flaggex.exe

  • Size

    40.8MB

  • MD5

    63de3b75d86fdfc8bd711a37639d2329

  • SHA1

    6c3d7c3c5a198ddd5135f7ba661a56cd9e9366ab

  • SHA256

    cdb70fc126c16769ca439db9f8edcbdc976565a73397c95b661817447f087abd

  • SHA512

    f917ab2282e8a0b4c7305c23d6d1bd51194ad8b6275a40b42120d3d7b4105a533469c533b227f91296d2510cb67315d0d4807d32ab7260f80e44de5a8682e208

  • SSDEEP

    786432:wZENRMZ8H95WpqgVL0kDLBSgpnORko5gLC+7R3wuDblJkAdRLW+e5v9kHR:wZEvMSWRVL0yBQt+HDblJkAHLW+el

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Flaggex V1.3\Flaggex.exe
    "C:\Users\Admin\AppData\Local\Temp\Flaggex V1.3\Flaggex.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Users\Admin\AppData\Local\Temp\Flaggex V1.3\Flaggex.exe
      "C:\Users\Admin\AppData\Local\Temp\Flaggex V1.3\Flaggex.exe"
      2⤵
      • Loads dropped DLL
      PID:1580
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:1028

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\_MEI23362\python311.dll
      Filesize

      5.5MB

      MD5

      65e381a0b1bc05f71c139b0c7a5b8eb2

      SHA1

      7c4a3adf21ebcee5405288fc81fc4be75019d472

      SHA256

      53a969094231b9032abe4148939ce08a3a4e4b30b0459fc7d90c89f65e8dcd4a

      SHA512

      4db465ef927dfb019ab6faec3a3538b0c3a8693ea3c2148fd16163bf31c03c899dfdf350c31457edf64e671e3cc3e46851f32f0f84b267535bebc4768ef53d39

      Download Submit