Analysis
-
max time kernel
121s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system -
submitted
23-05-2024 18:05
Behavioral task
behavioral1
Sample
for mimi.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
for mimi.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
import turtle.pyc
Resource
win7-20231129-en
Behavioral task
behavioral4
Sample
import turtle.pyc
Resource
win10v2004-20240508-en
General
-
Target
for mimi.exe
-
Size
8.1MB
-
MD5
5f42897a4afec93d8472646743ddd013
-
SHA1
b2a9e6a425b4ecd7f4e1f08ebc373e6b6aab94f5
-
SHA256
340df16c55441406a0e85cb874256af1cf2c78bd64040dc1982791f51289cb3b
-
SHA512
61c0da52eced535ca66bfa63fd7fda72ca0487846b44641c4f61ebee7ab9c96c4c2edc1a4a5ed84f3708355cf44488aa299896a1d568dcd395041175bfce8fa3
-
SSDEEP
196608:An1JaxOMdQmRfaycBIGpER/1k0W8/L13+dgScMP1GoHPD:gIdQ79uDW8B3+d9jPU0r
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
Processes:
for mimi.exe
pid: 2636; process: for mimi.exe
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
for mimi.exe
description: PID 2256 wrote to memory of 2636; pid: 2256; process: for mimi.exe; target process: for mimi.exe
description: PID 2256 wrote to memory of 2636; pid: 2256; process: for mimi.exe; target process: for mimi.exe
description: PID 2256 wrote to memory of 2636; pid: 2256; process: for mimi.exe; target process: for mimi.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Local\Temp\_MEI22562\python310.dll
Filesize
4.3MB
MD5
deaf0c0cc3369363b800d2e8e756a402
SHA1
3085778735dd8badad4e39df688139f4eed5f954
SHA256
156cf2b64dd0f4d9bdb346b654a11300d6e9e15a65ef69089923dafc1c71e33d
SHA512
5cac1d92af7ee18425b5ee8e7cd4e941a9ddffb4bc1c12bb8aeabeed09acec1ff0309abc41a2e0c8db101fee40724f8bfb27a78898128f8746c8fe01c1631989