Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    21/05/2024, 19:35

General

  • Target

    avast.exe

  • Size

    40.2MB

  • MD5

    99a40c5610866ea995af39f172b448e2

  • SHA1

    42849a94592d63ff5013114555130f994455efab

  • SHA256

    b7a58e2ca2dcce78f002f12b041ffce01dc7d6faa32c5986ec6720f67e36b175

  • SHA512

    e0dfb5720bb1641f58a8c8eac411422c480f386c851948a9c9313cbda8a9d618764835c056c6a98e3ea4b31b97c2fac5295ae9086395218a5d2521a2ad9e622c

  • SSDEEP

    786432:V+gX4BMdhwzTQXR5FbPp3CLTFcSS5U/LT2K3jygVLzjvJVS2owW+e5Jz9M:PXGMm4XR3b9CLmSCU/+eyglvv/S2owWS

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\avast.exe
    "C:\Users\Admin\AppData\Local\Temp\avast.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2728
    • C:\Users\Admin\AppData\Local\Temp\avast.exe
      "C:\Users\Admin\AppData\Local\Temp\avast.exe"
      2⤵
      • Loads dropped DLL
      PID:672

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI27282\python312.dll

    Filesize

    6.6MB

    MD5

    5c5602cda7ab8418420f223366fff5db

    SHA1

    52f81ee0aef9b6906f7751fd2bbd4953e3f3b798

    SHA256

    e7890e38256f04ee0b55ac5276bbf3ac61392c3a3ce150bb5497b709803e17ce

    SHA512

    51c3b4f29781bb52c137ddb356e1bc5a37f3a25f0ed7d89416b14ed994121f884cb3e40ccdbb211a8989e3bd137b8df8b28e232f98de8f35b03965cfce4b424f