c458d88feff8c68b10549bcc9e678234a0656f1009aca0bb5572076b32fe85c0

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
25-05-2024 20:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Tuer Pinger v2.1.exe
Size

10.7MB
MD5

59fe9af3425b2ecf3e96a5b444b6e4ee
SHA1

94d98d4b72acf66cd5ffd3e4be239c73927726c7
SHA256

c458d88feff8c68b10549bcc9e678234a0656f1009aca0bb5572076b32fe85c0
SHA512

666fca4ea8e232c99d0de80b35d1a3fca584ea9bef8bf245fd3b937450b3388407ed44921bc610ea5dd8d5f98462729a7ad1f865b830f52b230e57e54ea2ac8c
SSDEEP

196608:Cs2gV0AjZA1HeT39IigjvKub75bcjWgbwau5p0W8/LQhoANNB5/mgzf+AkjKW8p:wv1+TtIiavB5IjWqwau5qW80hoA/FzE

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 7 IoCs

Processes:

Tuer Pinger v2.1.exe

pid	process
536	Tuer Pinger v2.1.exe
536	Tuer Pinger v2.1.exe
536	Tuer Pinger v2.1.exe
536	Tuer Pinger v2.1.exe
536	Tuer Pinger v2.1.exe
536	Tuer Pinger v2.1.exe
536	Tuer Pinger v2.1.exe

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

Tuer Pinger v2.1.exe

description	pid	process	target process
PID 1636 wrote to memory of 536	1636	Tuer Pinger v2.1.exe	Tuer Pinger v2.1.exe
PID 1636 wrote to memory of 536	1636	Tuer Pinger v2.1.exe	Tuer Pinger v2.1.exe
PID 1636 wrote to memory of 536	1636	Tuer Pinger v2.1.exe	Tuer Pinger v2.1.exe

C:\Users\Admin\AppData\Local\Temp\Tuer Pinger v2.1.exe
"C:\Users\Admin\AppData\Local\Temp\Tuer Pinger v2.1.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1636

C:\Users\Admin\AppData\Local\Temp\Tuer Pinger v2.1.exe
"C:\Users\Admin\AppData\Local\Temp\Tuer Pinger v2.1.exe"
2⤵
- Loads dropped DLL
PID:536

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI16362\python312.dll
Filesize
6.7MB

MD5
550288a078dffc3430c08da888e70810

SHA1
01b1d31f37fb3fd81d893cc5e4a258e976f5884f

SHA256
789a42ac160cef98f8925cb347473eeeb4e70f5513242e7faba5139ba06edf2d

SHA512
7244432fc3716f7ef27630d4e8fbc8180a2542aa97a01d44dca260ab43966dd8ac98b6023400b0478a4809aace1a128f1f4d6e544f2e591a5b436fd4c8a9d723

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI16362\ucrtbase.dll
Filesize
1.1MB

MD5
515421ddfb75fd1cd224edb6d765abb0

SHA1
9343f37828b2cf8f83b246e59681e635950c02d9

SHA256
1617fcbcf7da6373c49ea27075e879a06a05eaa2d523fc035aabb7daaeab7f27

SHA512
b7a3162a3473b668d26df1d4d28ceb12de61b671b05bacb42dfb45a17127698ed22281d244d2c13b232396dc01f1bf6d39d007b207444aed5fd3e0a45b813ca3

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI16362\api-ms-win-core-file-l1-2-0.dll
Filesize
22KB

MD5
ed5be31d94e10df1af37fad4604770b5

SHA1
f6458eb3f290bbfa9a5f24e1754fb07a654885f6

SHA256
946d6143572774b4fa69804637064bfc209e06b43859d48ab4b001d7615eaae4

SHA512
f107a089b96ae0b62ed76b0b8d5be77a5756837859c4d31199a172fc3bc64de7bc2053175948af6c9e779af0a2483911627beaa9ed079526db2fa19292f986b0

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI16362\api-ms-win-core-file-l2-1-0.dll
Filesize
22KB

MD5
0bac0d006e4fcc5aee4119fa4b52197a

SHA1
a6f1b4c9652ac92ba56e28bfe8877a3000d892ba

SHA256
0d290cf027a69595ec492a6a31bdc8d3743b75af8d3e2977852ee795730110ab

SHA512
6f5f1b891cde12c378f9c540497631f6187ec62da9d332774edfa42dcc7202b0d490e2965a24038099607f91cf6f8b4b72e41a087d0766d5177817cbe9cf4cfa

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI16362\api-ms-win-core-localization-l1-2-0.dll
Filesize
22KB

MD5
20bf471cb827deb38c05541295a34318

SHA1
4410909bc6fa6e88c30ee08f5fb03ea03afab22a

SHA256
57b447577c0dfbad077ff8439f4e3f00269824b2436bd2b3b228aa02e55f29f6

SHA512
5ec0e8612cdc4add68dad1c202adc190795e87c7c3e38d0a3ae25571c6a4f0bd47403e6f7f2f5f1c9fcaf30751226394a3265a4aa76d91f027a7c8e26d78e3aa

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI16362\api-ms-win-core-processthreads-l1-1-1.dll
Filesize
22KB

MD5
e5f624217aa3580fdd5e7873ea89ccc1

SHA1
5e32aea2cea67dbda98b635068a93a4e6665fbb9

SHA256
fc1636ec583b9444580d9037bc3120702abffef0d5c67390363e50ec6ea87d86

SHA512
3f4a237bf3fe4b3762acc99b3154426ce53e6de2ed46ed54ccfa0aeef2ec16b46b4f6491c166a5bb4ea1f52a29373d0448d141f48894aa7171da869056197aa3

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI16362\api-ms-win-core-timezone-l1-1-0.dll
Filesize
22KB

MD5
50427f5c7ff2fd7498ffc1448ebbb842

SHA1
65273390f7a29293bab562f0960459889bb934ba

SHA256
583cf4c4303ed783ed295595d0dd2ae0ca6ca7927e9221dd0fb705aa5d0ee866

SHA512
7f6e5ff3e9486363fd57c6ad3e6bc37a4f5f6d579eef02725a83c210c0e4782ab1499d049fd288dae312724c1a509a48f0fc9c19ebb66bed6c7e3f588f817439

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads