891624714cb9e8ecc8a71ab2651568a544202bf0aacdc52d897c8222e86cfc55 | Triage

Resubmissions

03-03-2024 19:24

240303-x4lxhafd96 10

03-03-2024 19:23

240303-x3wejsfd86 10

Analysis

max time kernel
118s
max time network
124s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
03-03-2024 19:23

Sharing

Report Analysis Logs

General

Target

imthebiggestsexhaver.exe
Size

16.3MB
MD5

6b08a0f6d0cb752836546cc4920bc711
SHA1

5444ce8178a75cf42c5fdde3ff57ca17d92fd252
SHA256

891624714cb9e8ecc8a71ab2651568a544202bf0aacdc52d897c8222e86cfc55
SHA512

e2a455627a336be639d6eebca68b80552510ee9381e70820dc6ee6d2e85d49d4ae9bafa3448783e78a7bd3e2b6e5a7b58fee3be35e0b5d510b04587bfa9e5484
SSDEEP

393216:oEkZQTwpSNPG7NmiZoPL2Vmd6mKVBkGCwwtKb0x:ohQUpoKEA+yVmdU3+NAb0

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2440	imthebiggestsexhaver.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2440	imthebiggestsexhaver.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2928 wrote to memory of 2440	2928	imthebiggestsexhaver.exe	28
PID 2928 wrote to memory of 2440	2928	imthebiggestsexhaver.exe	28
PID 2928 wrote to memory of 2440	2928	imthebiggestsexhaver.exe	28

C:\Users\Admin\AppData\Local\Temp\imthebiggestsexhaver.exe
"C:\Users\Admin\AppData\Local\Temp\imthebiggestsexhaver.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2928
- C:\Users\Admin\AppData\Local\Temp\imthebiggestsexhaver.exe
  "C:\Users\Admin\AppData\Local\Temp\imthebiggestsexhaver.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious behavior: GetForegroundWindowSpam
  PID:2440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI29282\python310.dll

Filesize
4.2MB

MD5
e9c0fbc99d19eeedad137557f4a0ab21

SHA1
8945e1811ceb4b26f21edcc7a36dcf2b1d34f0bf

SHA256
5783c5c5a3ffce181691f19d27de376a03010d32e41360b72bcdbd28467cfcc5

SHA512
74e1289683642ae2bc3cf780a07af1f27fed2011ef6cc67380f9c066c59d17a2fb2394a45a5c6cd75dad812a61093fdbd0f2108925f5c58fc6644c1c98be5c0b

Download Submit