01851640646741b083d5f06c79431f6769707969b66ee8919271dcd9105eeb61

Analysis

max time kernel
43s
max time network
16s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
28-05-2024 02:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PixelFlasher.exe
Size

40.6MB
MD5

c40ceed7a4f72fca99b2dc8d6ffb333b
SHA1

8fd09575b308eea6191c47b992e8e3b864e87035
SHA256

01851640646741b083d5f06c79431f6769707969b66ee8919271dcd9105eeb61
SHA512

e785623a4bfa8d6fb6c5e1e9d7cc0866f72c813c89867919e327acb1e77c9688963b16a676aaa1438a8c3df34401389a1cf7d6654d0cd5a096b8b6024da321c3
SSDEEP

786432:5QlwhY9Rj+T77dXPvY2fYQFf1QtI1CuA0udNdie3MmKG6jtkVyHTGtZ4G:ylwhY9+7VHdfzdiIEZ18VG604T0Z4

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 7 IoCs

Processes:

PixelFlasher.exe

pid process

316 PixelFlasher.exe
316 PixelFlasher.exe
316 PixelFlasher.exe
316 PixelFlasher.exe
316 PixelFlasher.exe
316 PixelFlasher.exe
316 PixelFlasher.exe

pid	process
316	PixelFlasher.exe
316	PixelFlasher.exe
316	PixelFlasher.exe
316	PixelFlasher.exe
316	PixelFlasher.exe
316	PixelFlasher.exe
316	PixelFlasher.exe

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

PixelFlasher.exe

description	pid	process	target process
PID 1844 wrote to memory of 316	1844	PixelFlasher.exe	PixelFlasher.exe
PID 1844 wrote to memory of 316	1844	PixelFlasher.exe	PixelFlasher.exe
PID 1844 wrote to memory of 316	1844	PixelFlasher.exe	PixelFlasher.exe

C:\Users\Admin\AppData\Local\Temp\PixelFlasher.exe
"C:\Users\Admin\AppData\Local\Temp\PixelFlasher.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1844

C:\Users\Admin\AppData\Local\Temp\PixelFlasher.exe
"C:\Users\Admin\AppData\Local\Temp\PixelFlasher.exe"
2⤵
- Loads dropped DLL
PID:316

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI18442\api-ms-win-core-file-l1-2-0.dll
Filesize
13KB

MD5
fa6953700659b11c2d82fb521d2e8664

SHA1
07c7d14fdfd1686a424820f77733d1d4f3c75e31

SHA256
4dcc72554ffaa121decaf6e5bd3081198f017d735a07cc6d23d8a56b1383a61e

SHA512
1300c6ab6377e717dfac9e2f78c1218dee91e8fde25454f65ab32095a949c1be5b67aa3ed1c1d9f78d0c8bc9830f5c1dc0e6e01e91effec20ead6cdd9a3f639f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI18442\api-ms-win-core-file-l2-1-0.dll
Filesize
13KB

MD5
621a34a36c202e4c4e59a6077c22cb5e

SHA1
ec696fd4e8e5935a722e88a551593593a12e882e

SHA256
746cde47f460ab4ef45a3158cbc038b166c86b03114c259ea5c759001692c079

SHA512
04e94784a70a576235d5bec58c57b8b3cfc01d7b292287f299deaf52523cef51c2790874116e666e5bc672453beafe173cf1afbe49a5f3076b83344298643ae0

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI18442\api-ms-win-core-localization-l1-2-0.dll
Filesize
15KB

MD5
2395f675152f25bdc501c1b698b3f70a

SHA1
829eb4dee9604330072c124b9bddf4a4e96a7c98

SHA256
4173e50962540ec0708930d7c456164d4e0fa96d49efb034621eb06e67ac0563

SHA512
7c0125e248387d268a337fa2a0090e6b8713e6205d22fb23a4ce9635fb0f5b79a0e3d28aab3050cc0445ef065632052c23341b1ac22dbd947ac4262fd63a1b51

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI18442\api-ms-win-core-processthreads-l1-1-1.dll
Filesize
13KB

MD5
81a255549e9b3467276810f94a67512d

SHA1
c3bf694f5d030d5a29ebb9ae70010be4571cec17

SHA256
8447c3c56f83e5a9407bf446cfc037d149b945611f03798f731e49145fca81c2

SHA512
05e6d83baa20b38d8710ed06c62ef8603c37d70fd0f6036f54a50ad041575d52f23c56bcebb12df8bf7cd9327c46522e59bcda47e2fcabfb0e5c11247708afa4

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI18442\api-ms-win-core-timezone-l1-1-0.dll
Filesize
13KB

MD5
59f3aeb2eda80ffc000b99f27ec99d14

SHA1
2961c514b480424b3512d424dcd7d295477b243a

SHA256
e1c41c6525ed510aa75ec671f86d22a005ffd9a856a74dcf09bf3256e301a8ab

SHA512
ff1980c859c7a23ded484a51e596fd591df855e0266961c4620373d42190152f92df83683779a79561d46bd5d238d7d178cfa2952dee316a742a72835be44992

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI18442\python311.dll
Filesize
5.5MB

MD5
387bb2c1e40bde1517f06b46313766be

SHA1
601f83ef61c7699652dec17edd5a45d6c20786c4

SHA256
0817a2a657a24c0d5fbb60df56960f42fc66b3039d522ec952dab83e2d869364

SHA512
521cde6eaa5d4a2e0ef6bbfdea50b00750ae022c1c7bd66b20654c035552b49c9d2fac18ef503bbd136a7a307bdeb97f759d45c25228a0bf0c37739b6e897bad

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI18442\ucrtbase.dll
Filesize
987KB

MD5
637c17ad8bccc838b0cf83ffb8e2c7fd

SHA1
b2dd2890668e589badb2ba61a27c1da503d73c39

SHA256
be7368df484688493fb49fb0c4ad641485070190db62a2c071c9c50612e43fed

SHA512
f6b727c319ca2e85a9b5c5e0b9d8b9023f0cf4193fab983cfa26060923374c6abd6d11db1da2e524a8b04622a4e13beb4c48dc23f98886d4abb33eb09f3a0776

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads