377ce32ba2d237e56556e170e0cec260bd6e827c390dc79b571d355946e0dfdc

Analysis

max time kernel
604s
max time network
618s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
06/03/2024, 13:24

Target

) Silence Multi-Tool/Silence.exe
Size

11.1MB
MD5

8b86a8eef56b315ab00590dccb8df913
SHA1

5a6d7f33efad87e7148916da443b0ae3193a5a2a
SHA256

ddb1ff0a9508358ec2a93c746368b2cc1b8623d11b2d6509bf1363a713ad6f7e
SHA512

5810284d2b18f8b1b4b6fb44ecefee0e65ffc6bfd0be9a303a50d3ce477df7e71731b27faaf60c966304434db0bf53a574c4b862cbf567e0fde893ced6af3b2f
SSDEEP

196608:4SWaRsXwZavW0bF7FoRE2nOL2Vmd6+Df2c/f/+ScEtglVWjJjndMmKnsxxri:cp1FeREWOL2Vmd6mec/enfWjVdUOZi

Score

7^/10

Loads dropped DLL 1 IoCs

pid	Process
2456	Silence.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2516 wrote to memory of 2456	2516	Silence.exe	30
PID 2516 wrote to memory of 2456	2516	Silence.exe	30
PID 2516 wrote to memory of 2456	2516	Silence.exe	30

C:\Users\Admin\AppData\Local\Temp\) Silence Multi-Tool\Silence.exe
"C:\Users\Admin\AppData\Local\Temp\) Silence Multi-Tool\Silence.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2516
- C:\Users\Admin\AppData\Local\Temp\) Silence Multi-Tool\Silence.exe
  "C:\Users\Admin\AppData\Local\Temp\) Silence Multi-Tool\Silence.exe"
  2⤵
  - Loads dropped DLL
  PID:2456

C:\Users\Admin\AppData\Local\Temp\_MEI25162\python310.dll

Filesize
4.3MB

MD5
c80b5cb43e5fe7948c3562c1fff1254e

SHA1
f73cb1fb9445c96ecd56b984a1822e502e71ab9d

SHA256
058925e4bbfcb460a3c00ec824b8390583baef0c780a7c7ff01d43d9eec45f20

SHA512
faa97a9d5d2a0bf78123f19f8657c24921b907268938c26f79e1df6d667f7bee564259a3a11022e8629996406cda9fa00434bb2b1de3e10b9bddc59708dbad81

Download Submit