Analysis

  • max time kernel
    28s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    26/05/2024, 06:04

General

  • Target

    VapeSS.exe

  • Size

    12.9MB

  • MD5

    52e4f04a36e1b177d50c459828a6187a

  • SHA1

    6f3cbb760d9b659046136d7af75422825f713b13

  • SHA256

    3c42994eb5810135749696ba46388a888b4ba35232b281a1528cc98cdfabc8c8

  • SHA512

    1cd617265e5b9338bc02da96d208d79518df168e3b5ee6c57ba64cd5a2a85516e48dc0a0e99de503f45f0a8b121da6daffac45561aedca42b27254ced18f30c8

  • SSDEEP

    196608:72qT4FMIZETSRjPePdrQJOKbABd1Wm8bMg4iGYPo1BWXOe0y5dHMlO:K8QETSRvJju1Wm8dGJ1AXFZdp

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VapeSS.exe
    "C:\Users\Admin\AppData\Local\Temp\VapeSS.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2492
    • C:\Users\Admin\AppData\Local\Temp\VapeSS.exe
      "C:\Users\Admin\AppData\Local\Temp\VapeSS.exe"
      2⤵
      • Loads dropped DLL
      PID:2420

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI24922\python311.dll

          Filesize

          5.5MB

          MD5

          5a5dd7cad8028097842b0afef45bfbcf

          SHA1

          e247a2e460687c607253949c52ae2801ff35dc4a

          SHA256

          a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce

          SHA512

          e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858