Overview

overview

10

Static

static

10

NSFW Gener...EN.exe

windows7-x64

7

NSFW Gener...EN.exe

windows10-2004-x64

7

Creal.pyc

windows7-x64

3

Creal.pyc

windows10-2004-x64

3

NSFW Gener...rt.bat

windows7-x64

7

NSFW Gener...rt.bat

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    23-02-2024 20:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NSFW Generator/NSFWGEN.exe

  • Size

    13.8MB

  • MD5

    638d136547ece9e4f282d62aa6562a07

  • SHA1

    19ba1d25332fac7c3fe7bf0eae2ad3520fded5db

  • SHA256

    d7407d5dd0dca80aa9798ff6aaa10635474feab533b7e6db87d759abf69f1ee8

  • SHA512

    e1c2f4a6ffff124c5a7cece7a48be026f1098708376f3e03d46f2e8a0f35e05d223da05b78ef3417422d62ce9feaa137241b0f879b731f63b2c1cbaafebc3323

  • SSDEEP

    393216:hiIE7Yo5D2nwW+eGQRIMTozGxu8C0ibfz6e57F1bmXdWCNx+:O7r5DawW+e5R5oztZ026e5XkVN4

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NSFW Generator\NSFWGEN.exe
    "C:\Users\Admin\AppData\Local\Temp\NSFW Generator\NSFWGEN.exe"
    1⤵
    • Loads dropped DLL
    PID:2420
  • C:\Users\Admin\AppData\Local\Temp\NSFW Generator\NSFWGEN.exe
    "C:\Users\Admin\AppData\Local\Temp\NSFW Generator\NSFWGEN.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI29882\python312.dll
    Filesize

    1.9MB

    MD5

    ea4096bec636d70838ca02f1226db40c

    SHA1

    e659d3516f3b1b3a3d1767107b738c82b0ce1e04

    SHA256

    9fd9c7d28df6f16239e04de4ecfdbe752893161a6c6da640d528b0110eab7bb0

    SHA512

    ad1cc3861f4a35de1f7883925aa4571299fd529e97a19962024c6d7120e7b16ae057f10151934253b9f38d2038874ce89243cddf1cbdd15e5787b7df2843ade5

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI29882\python312.dll
    Filesize

    799KB

    MD5

    f54670d9c74b6f43ebce1333aacf6261

    SHA1

    736ec4e637c6b9a0c4372a20296f5766d6338cea

    SHA256

    0388d3354cf38f99847f31b82df8d861d8d3bf72b9c751cdeeee44f44547705c

    SHA512

    3dda408b802f1589e86072ccc9e99533028988c4c55636195a4ee1183b88c55f6c1fdd50dc2259985ca9c8ab27d1e4f574a913431c8da3131b76cb4ce21bd479

    Download Submit