Overview

overview

7

Static

static

3

beans (1).exe

windows7-x64

7

beans (1).exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11-03-2024 16:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    beans (1).exe

  • Size

    15.2MB

  • MD5

    4e69c18f43d1d194bbb9aefc7338d494

  • SHA1

    d0db4dc95f93332699f8c09283db0d61340f5ffa

  • SHA256

    ae4070d4d1d148f1bbaa61472c5202c4e0ee6f87be1a2e2925092a07510c9515

  • SHA512

    675b3a9981f63062b807eee84fe05ba8dcb77a966075778bbcd4c91f9c6a4dd100ba002bf64cc3f0fceab6c1f62ac91575f2c6e9264dbfd8c280d1127e7696a1

  • SSDEEP

    393216:50OJk/W4I8hlzFiibL2Vmd6mM0Gzajj3rzmAvlSR+mY1irEhhxC1YVSv:mOJZ4hF7yVmdEEjbzmXAmihf8

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\beans (1).exe
    "C:\Users\Admin\AppData\Local\Temp\beans (1).exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Users\Admin\AppData\Local\Temp\beans (1).exe
      "C:\Users\Admin\AppData\Local\Temp\beans (1).exe"
      2⤵
      • Loads dropped DLL
      PID:2444
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:2376

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\_MEI20202\python39.dll
      Filesize

      4.3MB

      MD5

      2135da9f78a8ef80850fa582df2c7239

      SHA1

      aac6ad3054de6566851cae75215bdeda607821c4

      SHA256

      324963a39b8fd045ff634bb3271508dab5098b4d99e85e7648d0b47c32dc85c3

      SHA512

      423b03990d6aa9375ce10e6b62ffdb7e1e2f20a62d248aac822eb9d973ae2bf35deddd2550a4a0e17c51ad9f1e4f86443ca8f94050e0986daa345d30181a2369

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI20202\ucrtbase.dll
      Filesize

      1.1MB

      MD5

      3b337c2d41069b0a1e43e30f891c3813

      SHA1

      ebee2827b5cb153cbbb51c9718da1549fa80fc5c

      SHA256

      c04daeba7e7c4b711d33993ab4c51a2e087f98f4211aea0dcb3a216656ba0ab7

      SHA512

      fdb3012a71221447b35757ed2bdca6ed1f8833b2f81d03aabebd2cd7780a33a9c3d816535d03c5c3edd5aaf11d91156842b380e2a63135e3c7f87193ad211499

      Download Submit

    • memory/2020-147-0x000000013FEB0000-0x000000013FED8000-memory.dmp

      Filesize

      160KB

      Download

    • memory/2444-76-0x000000013FEB0000-0x000000013FED8000-memory.dmp

      Filesize

      160KB

      Download