Overview

overview

10

Static

static

10

SiVenuza/SiVenuza.exe

windows7-x64

SiVenuza/SiVenuza.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    27s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24-02-2024 04:07

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Machine shutdown
Report Analysis Logs

General

  • Target

    SiVenuza/SiVenuza.exe

  • Size

    14.4MB

  • MD5

    d0057a37df09b6c75dc88dd3f3ffdd6e

  • SHA1

    a4d10c99c009068982a10d866821909e6bf4051e

  • SHA256

    2c3e404f0415aedb33ba56df661d8870ec9638718cd27e0e91c2f33539e57601

  • SHA512

    ce2fed6b0c32338b2d5976bbf367c004fb60711f80e32010975279f28a4b66e7b7096e6f6b8d2797faab47bbad2246060194a71c62325bc2c430578176a6c026

  • SSDEEP

    393216:Su7L/sQQndQuslSq99oWOv+9fg1XsF4Wr:SCL0QQndQuSDorvSY1ON

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SiVenuza\SiVenuza.exe
    "C:\Users\Admin\AppData\Local\Temp\SiVenuza\SiVenuza.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2612
    • C:\Users\Admin\AppData\Local\Temp\SiVenuza\SiVenuza.exe
      "C:\Users\Admin\AppData\Local\Temp\SiVenuza\SiVenuza.exe"
      2⤵
      • Loads dropped DLL
      PID:2416
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:1824
    • C:\Windows\system32\LogonUI.exe
      "LogonUI.exe" /flags:0x0
      1⤵
        PID:1780
      • C:\Windows\system32\LogonUI.exe
        "LogonUI.exe" /flags:0x1
        1⤵
          PID:2868

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI26122\python310.dll
          Filesize

          1.5MB

          MD5

          a9d3ee0c34823075e160b2e017eb4083

          SHA1

          abeee2c9e7de9af3b0a659163cdbd14cea7b1d64

          SHA256

          2ae0600f8de19487677e69bbc65f71d292a13b2497c735201caab1f04547f612

          SHA512

          7d54f6fe4345b19c4562f879fb6c4f5af9b28e2dbf98dd367b42f986ec786754b39ef38812f5c1875ff4368d179f03f6dbe14d875ca9924896350dc19bdbebad

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI26122\python310.dll
          Filesize

          4.3MB

          MD5

          deaf0c0cc3369363b800d2e8e756a402

          SHA1

          3085778735dd8badad4e39df688139f4eed5f954

          SHA256

          156cf2b64dd0f4d9bdb346b654a11300d6e9e15a65ef69089923dafc1c71e33d

          SHA512

          5cac1d92af7ee18425b5ee8e7cd4e941a9ddffb4bc1c12bb8aeabeed09acec1ff0309abc41a2e0c8db101fee40724f8bfb27a78898128f8746c8fe01c1631989

          Download Submit

        • memory/1780-169-0x00000000029C0000-0x00000000029C1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2868-170-0x00000000026E0000-0x00000000026E1000-memory.dmp

          Filesize

          4KB

          Download