Analysis

  • max time kernel
    15s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    10/05/2024, 18:57

General

  • Target

    main.exe

  • Size

    14.1MB

  • MD5

    96cdf9111649e40701b90e064e4917c9

  • SHA1

    98cf41e395e67696b9610a3526a68abd86dc909e

  • SHA256

    2d5d333b432a189db7122e9b2c209c2144bc62f0a3d74e41d24a2f7a71709481

  • SHA512

    154b6978254cf43c1aa83b895727854ad90aa819f1989a45d0e56809695b12991048b98df6ad85222b086e26efaf6d7327eefd3661f4f1787e5c6f9918e83d20

  • SSDEEP

    393216:8V99Q1dZHaY285L1V8d+BtU1fNlv/pYZH3gJs/Htrt:i99Q1dxadcRJUJ3v/qH3nrt

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\main.exe
    "C:\Users\Admin\AppData\Local\Temp\main.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:756
    • C:\Users\Admin\AppData\Local\Temp\main.exe
      "C:\Users\Admin\AppData\Local\Temp\main.exe"
      2⤵
      • Loads dropped DLL
      PID:2984

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI7562\python39.dll

    Filesize

    1.5MB

    MD5

    3d7de1ca1182f7d64079531afadbe8bb

    SHA1

    48948069e4ee7869113144e02cc8f1a0fc939753

    SHA256

    5eab9f12ad11850eafa3490a615940d819a9688b405cbfe083a3ab08605bd71d

    SHA512

    8d495e3473a56e90fd58102d7c02654dba988932b8e6a0e87f8f5f2f162dbeef2e9eac96b1ac125977f06ca7c585e1a3358643502bd655e0cf1d38876dcc3dad

  • memory/2984-94-0x000007FEF5FA0000-0x000007FEF6431000-memory.dmp

    Filesize

    4.6MB