Analysis
max time kernel: 118s
max time network: 121s
platform: windows7_x64
resource: win7-20240215-en
resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
submitted: 28-05-2024 18:36
Behavioral task: behavioral1
Sample: massdm_1.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: massdm_1.exe
Resource: win10v2004-20240508-en
General
Target: massdm_1.exe
Size: 8.2MB
MD5: fee6942d5431bf2b6eaa4fc9e9ebf043
SHA1: 4ff6b253086af0744dab4df921c72a6b6c345e8f
SHA256: 275aacc2cec3ea050be9fb7aae0a2325d24fc5381152a4e667fb2f06658a0136
SHA512: 9598d02825ba10850be406686180023f5a54e76a849173e448a9085923066c15b95fe14551a5484d967b533a8b1052aa042f24fe85353df80bc7b0b6f605b803
SSDEEP: 196608:jjr+gp1Dw9onJ5hrZERF//Q3jo4UR7+xpIrh6xDnikGZ0Ap:FpNw9c5hlERV/A2RSx6ElikG
Malware Config
Signatures
Loads dropped DLL (1 IoCs)
Processes: massdm_1.exe
pid | process
2748 | massdm_1.exe
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: massdm_1.exe
description | pid | process | target process
PID 2344 wrote to memory of 2748 | 2344 | massdm_1.exe | massdm_1.exe
PID 2344 wrote to memory of 2748 | 2344 | massdm_1.exe | massdm_1.exe
PID 2344 wrote to memory of 2748 | 2344 | massdm_1.exe | massdm_1.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
\Users\Admin\AppData\Local\Temp\_MEI23442\python39.dll
Filesize: 4.2MB
MD5: c4b75218b11808db4a04255574b2eb33
SHA1: f4a3497fb6972037fb271cfdc5b404a4b28ccf07
SHA256: 53f27444e1e18cc39bdb733d19111e392769e428b518c0fc0839965b5a5727a2
SHA512: 0b7ddbe6476cc230c7bdd96b5756dfb85ab769294461d1132f0411502521a2197c0f27c687df88a2cd1ab53332eaa30f17fa65f93dac3f5e56ed2b537232e69c