Overview

overview

10

Static

static

10

Patch.exe

windows7-x64

7

Patch.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14-03-2024 20:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Patch.exe

  • Size

    76.0MB

  • MD5

    2734801ef130169dc2175ce73a3e85a0

  • SHA1

    ff1c72aa5d5bd439980ba6634b6b920e6dec9be7

  • SHA256

    cc2119d621cada487e2a9773e3580ff8f0e5624391ac64176379e59f28101ea8

  • SHA512

    caeac50b7649f0cc5bfedbfd750dc4d151beda71de54c7f87b32367927aadb59d6727935b0120cfb62c85bf251f3714c5bca7444d8b0739df05579c20604d9eb

  • SSDEEP

    1572864:IHF5ul30h5gOuEOZKaosevJjKzQlaz2sldDGVkHYxcd2R:Il4EbgOROZKaoseMzQlazFdDPH7C

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Patch.exe
    "C:\Users\Admin\AppData\Local\Temp\Patch.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2868
    • C:\Users\Admin\AppData\Local\Temp\Patch.exe
      "C:\Users\Admin\AppData\Local\Temp\Patch.exe"
      2⤵
      • Loads dropped DLL
      PID:2408

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI28682\python311.dll
    Filesize

    1.6MB

    MD5

    b167b98fc5c89d65cb1fa8df31c5de13

    SHA1

    3a6597007f572ea09ed233d813462e80e14c5444

    SHA256

    28eda3ba32f5247c1a7bd2777ead982c24175765c4e2c1c28a0ef708079f2c76

    SHA512

    40a1f5cd2af7e7c28d4c8e327310ea1982478a9f6d300950c7372634df0d9ad840f3c64fe35cc01db4c798bd153b210c0a8472ae0898bebf8cf9c25dd3638de8

    Download Submit

  • memory/2408-30-0x000007FEF65F0000-0x000007FEF6BE0000-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2408-46-0x000007FEF65F0000-0x000007FEF6BE0000-memory.dmp

    Filesize

    5.9MB

    Download