Analysis
-
max time kernel
120s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
28-03-2024 18:14
General
-
Target
RAGEMP_TOOL.exe
-
Size
8.0MB
-
MD5
8bf8265cd31369984dfd20add816eb8c
-
SHA1
e07748c7f112318b916d88139edc44fb6110785f
-
SHA256
23ca424b5c77866d5f1258192cd442c2142dc9abd9f94bd31ca34cb603ea36b0
-
SHA512
8a88316f4b11aa5265a1a7716ec2246bc9dd0f39d21ac29a4cdf1b97f5fe0129d73d15fa49e0d37909bec84d7312e9919b45b47b84a1999430af9b2785735dd5
-
SSDEEP
196608:FyQsbNIOKToqPosbT/9bvLz3S1bA3zgn97vz:+bpqAsbTlj3S1bOzgZvz
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\RAGEMP_TOOL.exe"C:\Users\Admin\AppData\Local\Temp\RAGEMP_TOOL.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\RAGEMP_TOOL.exe"C:\Users\Admin\AppData\Local\Temp\RAGEMP_TOOL.exe"2⤵
- Loads dropped DLL
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\_MEI22962\python311.dllFilesize
1.6MB
MD55792adeab1e4414e0129ce7a228eb8b8
SHA1e9f022e687b6d88d20ee96d9509f82e916b9ee8c
SHA2567e1370058177d78a415b7ed113cc15472974440d84267fc44cdc5729535e3967
SHA512c8298b5780a2a5eebed070ac296eda6902b0cac9fda7bb70e21f482d6693d6d2631ca1ac4be96b75ac0dd50c9ca35be5d0aca9c4586ba7e58021edccd482958b
-
memory/2584-24-0x000007FEF5740000-0x000007FEF5D29000-memory.dmpFilesize
5.9MB