Resubmissions

26/05/2024, 16:12

240526-tnx32sda67 10

25/05/2024, 23:21

240525-3cacaaeh66 10

Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    25/05/2024, 23:21

General

  • Target

    ByteVaultX 2.0.exe

  • Size

    9.9MB

  • MD5

    72c65f1b271ae812c9c00fe7dbef3ee7

  • SHA1

    98327e138efdcdbfcb02787ad3f9b729e617df6e

  • SHA256

    d1314cc2b3ddd84224b7b6fe78c9ca75dceed34799b6715086eeacd687e84017

  • SHA512

    21595d8bc9fe4c94a74b28acbe65e9a98f2c39e23d9e41bb5bfcaae01f11c11bfade391f04edd5853081c4ab1df051aa6f71c6203d7eac39b3446a3e357be273

  • SSDEEP

    196608:Th30RIk7AHkPkRJW9GNZA1HeT39Iig6eE9TFa0Z8DOjCdylNo1nz8QW7tx:mGFG8S1+TtIi+Y9Z8D8CclydoPx

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ByteVaultX 2.0.exe
    "C:\Users\Admin\AppData\Local\Temp\ByteVaultX 2.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:992
    • C:\Users\Admin\AppData\Local\Temp\ByteVaultX 2.0.exe
      "C:\Users\Admin\AppData\Local\Temp\ByteVaultX 2.0.exe"
      2⤵
      • Loads dropped DLL
      PID:2184

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI9922\python312.dll

          Filesize

          6.6MB

          MD5

          3c388ce47c0d9117d2a50b3fa5ac981d

          SHA1

          038484ff7460d03d1d36c23f0de4874cbaea2c48

          SHA256

          c98ba3354a7d1f69bdca42560feec933ccba93afcc707391049a065e1079cddb

          SHA512

          e529c5c1c028be01e44a156cd0e7cad0a24b5f91e5d34697fafc395b63e37780dc0fac8f4c5d075ad8fe4bd15d62a250b818ff3d4ead1e281530a4c7e3ce6d35