6d746e7eb648f9a2a84ca12b314468f8b1382c98853f0c85e2b5c5050b7a9732

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
26/04/2024, 11:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

test.exe
Size

9.2MB
MD5

24015af4799d264fa3dc910ab9427547
SHA1

95d6b52cb83ce391dfc6c646e53134db9cdac938
SHA256

6d746e7eb648f9a2a84ca12b314468f8b1382c98853f0c85e2b5c5050b7a9732
SHA512

2ca0025defdf290d17e573bf151cf1f7d0341da13ccb3e3f2580c4123f16ad24941d2e26d29c997e5dbaac7b7d4ebb396f9c742645be5f1e9f0e2138ccb55706
SSDEEP

196608:sd2P6pnrJwhQ9ATehYGCkf8iIbZg4TedQNm5XKCt7m5wMo5l8u:JbQmTehYYfObcdQyftm5Fo5iu

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 7 IoCs

pid	Process
1564	test.exe
1564	test.exe
1564	test.exe
1564	test.exe
1564	test.exe
1564	test.exe
1564	test.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2004 wrote to memory of 1564	2004	test.exe	29
PID 2004 wrote to memory of 1564	2004	test.exe	29
PID 2004 wrote to memory of 1564	2004	test.exe	29
PID 2004 wrote to memory of 1564	2004	test.exe	29

C:\Users\Admin\AppData\Local\Temp\test.exe
"C:\Users\Admin\AppData\Local\Temp\test.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2004
- C:\Users\Admin\AppData\Local\Temp\test.exe
  "C:\Users\Admin\AppData\Local\Temp\test.exe"
  2⤵
  - Loads dropped DLL
  PID:1564

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI20042\api-ms-win-core-file-l1-2-0.dll

Filesize
18KB

MD5
395d39f6ec3e09c5194899434150cdf7

SHA1
abd262b486e1adc39b40dbfe012a551c732dfd69

SHA256
ecc40b2c80300b94615b450d5a97ed15ce51aa929c73da22c906ab01856f8223

SHA512
0f55725eb8609ae52c45ff7e255c3e23bff0b9e049f2f37cb4fc12841ad9f5ed8264307961cbd27031997c29ce04677b646f9c859fc629b25186ec52f735ba36

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20042\api-ms-win-core-file-l2-1-0.dll

Filesize
18KB

MD5
f2cd3227975bd33ae08e34221d223ca6

SHA1
26b19fd814ea86825244e7a7cf82e7eddc189895

SHA256
f88209bb4993bfbcfc9727d101a4f1ecf84649ca5fd15b264faac11daf19ac7f

SHA512
690408ba6d88ad97334a8f9012c5db5c4d46d70cd9519f1d8e9131d1044805dce992d89167ef12d0192f4e5ab079722b88700df9601c05674267fc4f8d5486e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20042\api-ms-win-core-localization-l1-2-0.dll

Filesize
21KB

MD5
b178f49844a5168d29d5cce20a6303e3

SHA1
29dd5bd890addbba1d8a9aeacb68716f8208da73

SHA256
9358400795afcc41f5e748e20b139cfbb1ac976b3e460597b0b21893d647276d

SHA512
b65308d482342291069314e9f99964c3479ea41579db17d3cbe3888318bb7605ee67c11a40f14609665a419f44a61809513bddb8b3657b24a4bac16bb274664f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20042\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
19KB

MD5
da1c671169dd183afca9ac76f46fd86e

SHA1
47a1bd0c45d5b87351870b8dd2122da30638ec83

SHA256
e5c2478571ab260776b547579acd847bdecac9b4b9b4590d4ac7c80135c68930

SHA512
5e6eb5525a77ac63bbae2288fecfd5712aff5c194e55d93239ae6171b8602de9d029ca725f15efb03890dff57a34c07435687e87a20839d614cc9c90fdf06f5d

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20042\api-ms-win-core-timezone-l1-1-0.dll

Filesize
18KB

MD5
c54a336fdc425291b1d972f6fbaca6c7

SHA1
ea3872c198f3f41e41dcc42cf92aabbc6540579d

SHA256
8d1f5410f8b4326876410b45fcdcabb96bea4941f71ea5b11cb6dae80e6bdd49

SHA512
abe7694493ce2e367582be1155fb5100a7840e67eb1f646dbd5360a47b430ec03634a3f1a940a8a5f555d96da0fdab66a4a2de544b847234e38b588cf597e0e9

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20042\python310.dll

Filesize
3.9MB

MD5
87bb8d7f9f22e11d2a3c196ee9bf36a5

SHA1
45dfcb22987f5a20a9b32410336c0d097ca91b35

SHA256
1269f15b1c8daa25af81e6ad22f9bcebfd2c76aec81c18c6d800460b7105bf98

SHA512
75bb2ae36b693e2a1e5ba003503d07ba975f9436fb3da9bf3fc4087a281cb172fa9bd13ad6fc27a62f796af6cbe0c800e2a169c65949a96bd4d0e150f4858288

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20042\ucrtbase.dll

Filesize
1.1MB

MD5
29c9f59033067b7d9465318416ce9902

SHA1
e262dfb76103322f12bc7b87507cb45b96459818

SHA256
7e1943a3fee74db5564b3f96007bd997bc3e8248b45b27baa88d5ddeaef55737

SHA512
d38bd0566305c160fb078c0199cd1b1868ecbf7b271f1efb5a592528503e05381b2e949ea97259ed9155da5ce6234c3ceb81e8271614970cc4704100f9bb0dc4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads