38ba384cdb7c9cfc9c6ab60138b1b62dc465fb60e5abab17500249b39827f124

Resubmissions

09/04/2024, 07:12

240409-h1mx3ahc23 7

05/04/2024, 19:43

240405-yfghjscf76 10

Analysis

max time kernel
0s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
09/04/2024, 07:12

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Black Myth Wukong 64-bit.exe
Size

6.6MB
MD5

be9c01d1b46fd869e93187e1b65eb820
SHA1

fe8f3b6e69af45663a8fd908a915d772aa388f83
SHA256

38ba384cdb7c9cfc9c6ab60138b1b62dc465fb60e5abab17500249b39827f124
SHA512

9489f74f0259b603fc3110a55ddddf1a0ccfb97dabec685ebf557d0a5dacc1ae00fb9a374c763327794760e7fba4323f0f4ef319cf1af94a4b5acf2042270308
SSDEEP

196608:phZXfdfhMWOHXGjAcMIaITlkruDOT6icm+OAAkjKW8p:X+L3bjImruaT6iBm

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 4 IoCs

pid	Process
2864	Black Myth Wukong 64-bit.exe
2864	Black Myth Wukong 64-bit.exe
2864	Black Myth Wukong 64-bit.exe
2864	Black Myth Wukong 64-bit.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3088 wrote to memory of 2864	3088	Black Myth Wukong 64-bit.exe	77
PID 3088 wrote to memory of 2864	3088	Black Myth Wukong 64-bit.exe	77
PID 3088 wrote to memory of 2864	3088	Black Myth Wukong 64-bit.exe	77

C:\Users\Admin\AppData\Local\Temp\Black Myth Wukong 64-bit.exe
"C:\Users\Admin\AppData\Local\Temp\Black Myth Wukong 64-bit.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3088
- C:\Users\Admin\AppData\Local\Temp\Black Myth Wukong 64-bit.exe
  "C:\Users\Admin\AppData\Local\Temp\Black Myth Wukong 64-bit.exe"
  2⤵
  - Loads dropped DLL
  PID:2864

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI30882\VCRUNTIME140.dll

Filesize
88KB

MD5
17f01742d17d9ffa7d8b3500978fc842

SHA1
2da2ff031da84ac8c2d063a964450642e849144d

SHA256
70dd90f6ee01854cecf18b1b6d1dfbf30d33c5170ba07ad8b64721f0bdcc235e

SHA512
c4e617cd808e48cc803343616853adf32b7f2e694b5827392219c69145a43969384d2fc67fa6fa0f5af1ca449eb4932004fbcdd394a5ba092212412b347586f0

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\_bz2.pyd

Filesize
79KB

MD5
8cb92a62222c203a9a5d1ba7cca4f1aa

SHA1
da58d20fedc582d9d1fed4611c6c059de5868f33

SHA256
1985dface64121d35d8288d62b909f4196a608a4e5b83cbfc5695e53c3e63935

SHA512
9289450ced220f1b9166cfa6d3596c50995e7f15cabd6ffa137f371b7952b0775bc1f850d4581473ad842d77c9dfb83cb85ee6d3cd92374b716d62e8d06f1976

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\_ctypes.pyd

Filesize
110KB

MD5
911cf3bbd1bc0280b5105379e6d9dddd

SHA1
127fd9d7508c9c63b16dd5bb64bf893e8c252cdc

SHA256
cbf5248b652b56a071e2fd5b8870dbed8322138a7c374de3c3116df7e51ed4b3

SHA512
ef4d0549d575fff5dd6874f340618b1307701e1458ea8096a32790266c56e85a929533c2f08a88e550b48302c099e7739e1d856c2e9d64b4528ec5704f73fd23

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\_decimal.pyd

Filesize
197KB

MD5
f3f47709cb9449473c1158f10b949a1d

SHA1
d44c8798d5d096e0fa24a7f113983190d59be3d0

SHA256
7b734f4f8e29ad8eb1eb03ebced277299be839727ee645f7eefaa93b7ff23d24

SHA512
8e22838b2457403f681fa23c467433d2db3cbb67e90e4f9350fcc0dd52755a60eb33236b06b29b099f95d64ba2c2ead2788ce38c57a86c7c82524b701cd4dd7c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\_hashlib.pyd

Filesize
48KB

MD5
7a9548fa712b1ad8a023ae1253a2793a

SHA1
b90a45c35426d8a3ac6c106f932a93f1efffa865

SHA256
0de6c73d4334d01de7d38bcf1648ed42354c170e7c765b9995d4bf40823bc5fc

SHA512
6f517e4853548bc709192d66c433f0b8f51b73ab0839f4f2fea5c3820f82256d525f00ec5f78adc5660c80aadd88068625e2b6b60f25f3787942a4e3422e378c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\_lzma.pyd

Filesize
145KB

MD5
f86b9f26e410a25cb8efda504702dd34

SHA1
5a4b7e39058133d8fb12492e90dd090be5fab735

SHA256
9234f38b7b514cdf8ce091dcc1f944385db2c908e7b852a8296492c1f7685eef

SHA512
a5af18aa013bdde18c09ff88a257519e5ce615ae61333fc8cecc4e219f48dafb2533c4e4c5ec42360c7885ac363d772370aa1c731b2b0a9ccb3ccd9b0ae02409

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\_socket.pyd

Filesize
71KB

MD5
da77aa88903b13ebf6139d0aa6b2eaa3

SHA1
5c12270118338336e3ef44fc85d57c7fed4e8d56

SHA256
04d4649b658ca3f392af0634efc29dfc2abcddb92ec3397c9913a444268ce86e

SHA512
e192144d1ebeb63815c1d32c5239d78d88624801e1a745a6779e17f982d2a77e13374831381d00bc99c69060c016edf5ecf048c1f35e090296398ea4dc139b90

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\base_library.zip

Filesize
1.3MB

MD5
630153ac2b37b16b8c5b0dbb69a3b9d6

SHA1
f901cd701fe081489b45d18157b4a15c83943d9d

SHA256
ec4e6b8e9f6f1f4b525af72d3a6827807c7a81978cb03db5767028ebea283be2

SHA512
7e3a434c8df80d32e66036d831cbd6661641c0898bd0838a07038b460261bf25b72a626def06d0faa692caf64412ca699b1fa7a848fe9d969756e097cba39e41

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\libcrypto-3.dll

Filesize
3.3MB

MD5
2e9277a5dd088949086d450da0e5f4e8

SHA1
c939886464bb65dc4667d8e477d97a619eadddfc

SHA256
7de51a1913ca3b10027f83d99ccccb166d6a3c06ca5d6358f260342dbacdbf6a

SHA512
9f16c77cd90e1b6657f3d2cbd131273bf24becff01c198690ebadb2c454e3f84b88a7e9c6fecdb7f564e1aa99a5583bbd1933e5db408efce3a9095776fa1a056

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\libffi-8.dll

Filesize
34KB

MD5
74d2b5e0120a6faae57042a9894c4430

SHA1
592f115016a964b7eb42860b589ed988e9fff314

SHA256
b982741576a050860c3f3608c7b269dbd35ab296429192b8afa53f1f190069c0

SHA512
f3c62f270488d224e24e29a078439736fa51c9ac7b0378dd8ac1b6987c8b8942a0131062bd117977a37046d4b1488f0f719f355039692bc21418fdfbb182e231

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\python312.dll

Filesize
5.6MB

MD5
6b6a180cd4d0258ba1f1482215b5ff02

SHA1
f991096b14cf25420064d443a31bd3185ba31661

SHA256
cac3864fb3fd40b9d32c34ff4f63794b80157d93557bf4bcd26b05ff4419b526

SHA512
849d043262edab7708cee9474fe5f2626cddfddc999d5f8d95c97d3ef42f5c2a14c468505e975ecf09451e3eb9a8dc6693b09b7e12e9c3c9a0c442e1cccc0156

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\select.pyd

Filesize
26KB

MD5
42be65fc2b54263b72cf1fd319b3059e

SHA1
daeebbedfad3ba64da00e3ecee7242e15807073b

SHA256
dc4baa048c6453580a199c76fd0f8d6d9c9ec272e40eb7eee5168bec00b43b12

SHA512
9b8fb9650cbae70f10171637cb9fa9e52e1be43bbcb8aed0e86ca9c80c403fe6a5a5113c4790ea25707b7cd7f18b30d7ce79ab1e27500006c299b9aed39ef693

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI30882\unicodedata.pyd

Filesize
1.1MB

MD5
860e9244e11536bba7aa8c2441b3c726

SHA1
bf3be8d8123b0cfe9027dcd63ab913fe863d20e5

SHA256
583719afaaa86d6136db250972080592fa2785a0861e836c402d5950bd45ae53

SHA512
05a18d2af244d312f15f2d8b4e14b4f863262ae809af77345ce3b3abc830600cfb06711008a9dd966d0ee5b4866a9493c2eac63715bf84d92b838062df3e3092

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads