604d2a693634ed16a6d84f446ca7d208408f57e87ec30f35a577c27e2cc542f7

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
28-04-2024 13:43

Target

micify-stealer-main4.21/micify-stealer-main/main.exe
Size

19.8MB
MD5

ce52604a9ada5cf25e82b078688ad019
SHA1

6eddf09acd225f25945dfb088ae8ff50d4dcd1b4
SHA256

88490f0f3245ea7b04344b71884a3ec939053f2c030272c1d6b29fab5846cdb8
SHA512

ba95a4d55ff192ef241ae0ff17cbd83d343a99b34cf59d37014d84a29e0669af48ba2303441418f3e12112c2732dc4c8fa5f7fac910a506eef95777e60b1d58e
SSDEEP

393216:CEkZQtsJJpUTLfhJKQETSrvJQ7ErYeG41UXFZeGZ:ChQtshUTLJQQEWrhQI/5

Score

7^/10

pid	process
1652	main.exe

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

main.exe

description	pid	process	target process
PID 2888 wrote to memory of 1652	2888	main.exe	main.exe
PID 2888 wrote to memory of 1652	2888	main.exe	main.exe
PID 2888 wrote to memory of 1652	2888	main.exe	main.exe

C:\Users\Admin\AppData\Local\Temp\micify-stealer-main4.21\micify-stealer-main\main.exe
"C:\Users\Admin\AppData\Local\Temp\micify-stealer-main4.21\micify-stealer-main\main.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2888

C:\Users\Admin\AppData\Local\Temp\micify-stealer-main4.21\micify-stealer-main\main.exe
"C:\Users\Admin\AppData\Local\Temp\micify-stealer-main4.21\micify-stealer-main\main.exe"
2⤵
- Loads dropped DLL
PID:1652

C:\Users\Admin\AppData\Local\Temp\_MEI28882\python311.dll
Filesize
5.5MB

MD5
5a5dd7cad8028097842b0afef45bfbcf

SHA1
e247a2e460687c607253949c52ae2801ff35dc4a

SHA256
a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce

SHA512
e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858

Download Submit