Overview

overview

7

Static

static

3

main.exe

windows7-x64

7

main.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    48s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    15/03/2024, 20:57

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    main.exe

  • Size

    7.3MB

  • MD5

    017f0a00a25c036c9e775bda90000cdb

  • SHA1

    f382a38b498d2d75dde999c060a650dafe2b24d3

  • SHA256

    1ba4ca0bb5453972c66f0f63e53bfe7c8879fb3814ce1b1e250f8c7da634cfa5

  • SHA512

    40e32ffc851804cb9f2d9de272abd7e8644870c7710f8b2c5891ec7565f1670e548d533114f3562b89082b4007c546395c3b763073c892a3ad82690e49d8263e

  • SSDEEP

    196608:KwsTs+gp1Dcz9onJ5hrZER3xQ3jo4UwSEw7+JmZlZa:+4pNcz9c5hlER3xA2RJS4n

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\main.exe
    "C:\Users\Admin\AppData\Local\Temp\main.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2940
    • C:\Users\Admin\AppData\Local\Temp\main.exe
      "C:\Users\Admin\AppData\Local\Temp\main.exe"
      2⤵
      • Loads dropped DLL
      PID:2600

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI29402\api-ms-win-core-file-l1-2-0.dll
          Filesize

          11KB

          MD5

          5af2350c18e76f37c5dc9ede3111b688

          SHA1

          121c78dc2eb738a076fe027a776b6ef4fb6f8ae0

          SHA256

          a780d88950370216e5d3433ae9603bd7dde75bb9b019a47a4cf47505aff50454

          SHA512

          8c1137c8405fd938829e2fb0616da65e5b82edc5bc80fe4e57b8545044042f5a90ee16b5ecc0fabc483531522ccbdaa6f5eb5aec8d79217d4aadc602a7a1b0b4

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI29402\api-ms-win-core-file-l2-1-0.dll
          Filesize

          11KB

          MD5

          4488fffaad11f5d665173eac4275b7ae

          SHA1

          022af8129b29cf1177905120968266bfccade842

          SHA256

          9c6902923627eef2efe29b5541cf7f556884605d29280d574bde4a177c7f2053

          SHA512

          6ae716322235a0d9d18978747a791c774a9af9375482f88873c1bafa5ea00fe54a95fb897ccccaa8deeb9af4e0362e0da79833cdf9f38c8d8f35b4fabb266417

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI29402\api-ms-win-core-localization-l1-2-0.dll
          Filesize

          14KB

          MD5

          44f85dbfd4c71321f9bf790c09e57b6f

          SHA1

          f130b2b3f66a9cef8a16849a181d7d4c38c2c8d6

          SHA256

          3cefeef3c3c708eca37ccc0aeb5fbcbfa53c8c2eaa0e00d35889f89736554504

          SHA512

          7af002324ffb1e22502b87b0a4d397fb8d8dd471698542cabccb6ddc16ab1062120cbfc4a45ca3cdedb3ff04c6be17402a550190f62cbdc2fe634a265a4bcd3c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI29402\api-ms-win-core-processthreads-l1-1-1.dll
          Filesize

          12KB

          MD5

          f041a3f6b665d2c36fb0bba3d7410eeb

          SHA1

          675ed642efd64c5d92e96fd083167b1aea5e7864

          SHA256

          1b33283503e744c0c66f3eef8a606eb9ea260812c50185d4ab00434043a48a21

          SHA512

          c42b2920fc7065021b84dd2e102847b91039b3765061c3596246161d39009b985be10074a8911cf9511aaf2107f009349f829a615a4fb5924430cc2a3d394c84

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI29402\api-ms-win-core-timezone-l1-1-0.dll
          Filesize

          12KB

          MD5

          7a7512780e76036ce29e308026ec6fce

          SHA1

          28ce17f0ba337587621cf4b3fd0092f7136fea5b

          SHA256

          05a5b0cb258116abb89133b086157405158900e09a5956e3581dc6cbaa4995ce

          SHA512

          c29d9f5e650c335f73518a90966f035cfb32b76145e681162b26e65b42c030ba4c14011a7130b5ad2ffd219fd3965fb80ddc923547a10586f156de7d9ef791d7

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI29402\python39.dll
          Filesize

          4.2MB

          MD5

          c4b75218b11808db4a04255574b2eb33

          SHA1

          f4a3497fb6972037fb271cfdc5b404a4b28ccf07

          SHA256

          53f27444e1e18cc39bdb733d19111e392769e428b518c0fc0839965b5a5727a2

          SHA512

          0b7ddbe6476cc230c7bdd96b5756dfb85ab769294461d1132f0411502521a2197c0f27c687df88a2cd1ab53332eaa30f17fa65f93dac3f5e56ed2b537232e69c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI29402\ucrtbase.dll
          Filesize

          986KB

          MD5

          adf1342f52833831d2a67115b2c9e9e8

          SHA1

          88bf825535a19e7b2c42b68e6378af821bc75148

          SHA256

          83d31cbced68513824465dae16b5f01f21baaabad3ae4f2dbfbd39dadeee7a0c

          SHA512

          23b708e74d653bc3dd4c73ecc10dc48df09e53c19079c17174b13b3f842d4e81540ed3b87feb2f7ae2e77be77c271d459fc7608a443725a242c9c52c00f6f4e4

          Download Submit