Overview

overview

7

Static

static

3

cryptolaemus

windows10-2004-x64

7

cryptolaemus

windows11-21h2-x64

7

Analysis

  • max time kernel
    92s
  • max time network
    94s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    29-05-2024 12:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3cc5ee93a9ba1fc57389705283b760c8bd61f35e9398bbfa3210e2becf6d4b05.exe

  • Size

    11.3MB

  • MD5

    282df7bcb720a5b6f409caf9ccda2f75

  • SHA1

    0e62d10ff194e84ed8c6bd71620f56ef9e557072

  • SHA256

    3cc5ee93a9ba1fc57389705283b760c8bd61f35e9398bbfa3210e2becf6d4b05

  • SHA512

    74bbcefb87c037ec93312f67b739c2486258d83e0fb7628352a1dd482c0277a82073427856c0848cda451b7322faab0ae2e6878501c2867827ce6bd9798f3229

  • SSDEEP

    196608:0cHu78K//UoEkXuWJysVYvsOfhumHhtdIQLOMIdiwXa6vTVzy/BOfN1XZuoJnB:Bu7L//HEnWJIuahtaL/dg67RywfNxZuu

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 36 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3cc5ee93a9ba1fc57389705283b760c8bd61f35e9398bbfa3210e2becf6d4b05.exe
    "C:\Users\Admin\AppData\Local\Temp\3cc5ee93a9ba1fc57389705283b760c8bd61f35e9398bbfa3210e2becf6d4b05.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:816
    • C:\Users\Admin\AppData\Local\Temp\3cc5ee93a9ba1fc57389705283b760c8bd61f35e9398bbfa3210e2becf6d4b05.exe
      "C:\Users\Admin\AppData\Local\Temp\3cc5ee93a9ba1fc57389705283b760c8bd61f35e9398bbfa3210e2becf6d4b05.exe"
      2⤵
      • Loads dropped DLL
      • Suspicious use of AdjustPrivilegeToken
      PID:1236

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Cipher\_Salsa20.pyd
    Filesize

    13KB

    MD5

    5b855b3e838d9c7faad4bd736cf56d59

    SHA1

    ad51237a6e2d1beefddabfc8bd8ac0e205ed735f

    SHA256

    7d1b252adc643deeb896430b58cf457436152351eb7fa043b4b24736c9edf864

    SHA512

    180207b3bd88976240eccf39f2f174af0d13feefd9b22b92363c0d947e8bd5b1523417a73d4b5aaf9252a59162e34e2f5df76c837cbd1b458d1830f4d4c70918

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Cipher\_raw_cbc.pyd
    Filesize

    12KB

    MD5

    a1b78a3ce3165e90957880b8724d944f

    SHA1

    a69f63cc211e671a08daad7a66ed0b05f8736cc7

    SHA256

    84e071321e378054b6d3b56bbd66699e36554f637a44728b38b96a31199dfa69

    SHA512

    15847386652cbee378d0ff6aad0a3fe0d0c6c7f1939f764f86c665f3493b4bccaf98d7a29259e94ed197285d9365b9d6e697b010aff3370cf857b8cb4106d7d8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Cipher\_raw_cfb.pyd
    Filesize

    13KB

    MD5

    0dca79c062f2f800132cf1748a8e147f

    SHA1

    91f525b8ca0c0db245c4d3fa4073541826e8fb89

    SHA256

    2a63e504c8aa4d291bbd8108f26eecde3dcd9bfba579ae80b777ff6dfec5e922

    SHA512

    a820299fba1d0952a00db78b92fb7d68d77c427418388cc67e3a37dc87b1895d9ae416cac32b859d11d21a07a8f4cef3bd26ebb06cc39f04ad5e60f8692c659b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Cipher\_raw_ctr.pyd
    Filesize

    14KB

    MD5

    785f15dc9e505ed828356d978009ecce

    SHA1

    830e683b0e539309ecf0f1ed2c7f73dda2011563

    SHA256

    b2b68de1d7e5997eb0c8a44c9f2eb958de39b53db8d77a51a84f1d1b197b58b1

    SHA512

    16033b72be6d66ab3a44b0480eb245d853a100d13a1e820eff5b12ce0bb73e17d6e48b3e778d1b20d0c04fe1fb8a5723c02ed8af434ae64d0944f847796d98f2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Cipher\_raw_ecb.pyd
    Filesize

    10KB

    MD5

    aec314222600ade3d96b6dc33af380a6

    SHA1

    c6af3edadb09ea3a56048b57237c0a2dca33bee1

    SHA256

    ea96505b38d27c085544fb129f2b0e00df5020d323d7853e6a6a8645ac785304

    SHA512

    bbc00aa7fdf178bb6b2d86419c31967f2bc32d157aa7ee3ac308c28d8bf4823c1fafcde6c91651edc05c146e44d7e59e02a76283890652b27c52f509c3b9ef9a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Cipher\_raw_ocb.pyd
    Filesize

    17KB

    MD5

    759aa7ff756f6eb615ab4890dedd113d

    SHA1

    3f6ab4e9a4a6a75e7b5d356582a81afda9ba635f

    SHA256

    242b35bf5918bd1cba69feaad47cbb50431d750edca6033875983e5fd4d9499c

    SHA512

    1fc3feac358b93cc2f6c4825cb150787f1ded00ae616b5b3fa26ebb1b43fec6c2af04436e021a1b0c2e219ab2203108d7447cdfef3d48d710bac18586a107e32

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Cipher\_raw_ofb.pyd
    Filesize

    12KB

    MD5

    4ed6d4b1b100384d13f25dfa3737fb78

    SHA1

    852a2f76c853db02e65512af35f5b4b4a2346abd

    SHA256

    084e4b2da2180ad2a2e96e8804a6f2fc37bce6349eb8a5f6b182116b4d04bd82

    SHA512

    276201a9bcb9f88f4bbac0cd9e3ea2da83e0fb4854b1a0dd63cff2af08af3883be34af6f06ece32fad2fd4271a0a09a3b576f1ed78b8a227d13c04a07eaf0827

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Hash\_BLAKE2s.pyd
    Filesize

    14KB

    MD5

    c482fe81df435cddef783ab0d8ad78b6

    SHA1

    25e0e650f9135110234091d5263be1721b8fe719

    SHA256

    55e20e1effe80f0d6655d690fa445659e0c692b800c4a01ecf3d43dfcb3324b2

    SHA512

    ef5a965b8505944e6b37581763cd9d525bbf1b877bfed319535aab675d0382b8655cd6a4f2832f608c1d89cfd0dae6005deda73a86b9d2d6e874953788ee0d36

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Hash\_MD5.pyd
    Filesize

    15KB

    MD5

    9de2cfd4fe88f9e8e3820ce931fc1129

    SHA1

    c2ea2284200ebbdc1179f36e8fa79f9ed0b27e80

    SHA256

    49e10215e1d6966b03470af10e7d3b8bd5b5d6707a258c3b1286ff002145e3d1

    SHA512

    c6d0e43df0e8f8e665bb1a78005a04f673e6b5211db0a0f1d640088782d736838944f0612a59a3c0cb930631108b93fd8c2d51bf191a81a06fb6d5a3388cff06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Hash\_SHA1.pyd
    Filesize

    17KB

    MD5

    67e8ab67b5db0a50af2aedea886eb362

    SHA1

    a7d071a3be454b78a0a0bb100e5d9859c12f98e6

    SHA256

    044b09a6351db40fe1f242c70942d865ce4cd42a12f24e358f84ae790677d92d

    SHA512

    b2e41422b6642e000d9220a1cf4188b1845a8cf9498338d66ca0dcc0724540694719a4d3eda017ca6f2f77c3d6a6c427c6c86db3910c686cecb58a40c5239e2e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Hash\_SHA256.pyd
    Filesize

    21KB

    MD5

    7a573f50bd6942e9bb68307e5b6a0bff

    SHA1

    7e0e435c8589ec3cecfe6354ae9e5ae868b9b209

    SHA256

    c6cd3f23d027febdf48161d3b74edb6c9d4d1bde23f775990f49572d8eb9dfb9

    SHA512

    9ecd754b99e020a169366cb8c99816070221c4db2c1ef8c23b6dac765e6bb56ea3abbe969025aecede8eb6c3ea8c626562f2cda3c4ea537c5db1a841f19c2ad5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Hash\_ghash_clmul.pyd
    Filesize

    12KB

    MD5

    88e3148d1eb84022e508736d0d488185

    SHA1

    4d1d3251cc5e61c7fcf5dc6273e3d7ba301d6ca9

    SHA256

    ba4c1492bb4884f3d77f61a7d23ec9e190eb7da3a115a271d0954d933264fb71

    SHA512

    25a86c56b84275c2314ad1fd98635b43373977dfc6f2f6737f22b1962a3bb5480539a35db9fbb70fca16f5acb5f19bab63e1cada776d1667d07332322f641a5f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Hash\_ghash_portable.pyd
    Filesize

    13KB

    MD5

    1a3a27f63afeb42c0282eada02ac834a

    SHA1

    fadda44628aef3ec70cc02fc0e43a88c7832f7bc

    SHA256

    e7a7ab2d31aee3b99773c814114d60eb71107ef862930c582f99313943249163

    SHA512

    0d6d397f87cc5a8a83f1df20687c967df4faf80cf0807ae2b06969e16c107f18a5d39ce34c32c42a53d1726a50860c180266ecad81b4235f041920f496b25fc7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Protocol\_scrypt.pyd
    Filesize

    12KB

    MD5

    dd7d22a0afe540c07ce9d919cd779203

    SHA1

    0e76db96ec2d9922937a77abedb7e61037cc8cb9

    SHA256

    880a4418d81c4da0d588c0cfd7c68d8c5476385d9203a2d6ded25a0f7b330a76

    SHA512

    bd720cf67e264040f8076edbb72843305094f1d87bd03a1e9fbeb47564f3963120d76bad6887fea560b45958f2ffa929a7d63ea1ec9b633da23784d98a68c32a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Util\_cpuid_c.pyd
    Filesize

    10KB

    MD5

    a9b7c866c5a18cc96570cca3be6a2433

    SHA1

    4f78c7516e512529b977048bc87ed3a95383b44e

    SHA256

    72998624c023b21f21e449f3268b7e839b248ba55440087cb6b421ed65f9a1b5

    SHA512

    ec890e84384c7b1804ce73b097ef068bada15adb5f76e1e9b2bcc54cde910165a9729f40a1ac18d196ddd3ee4ee60a0cfaa6d56daafcad10630ad2658faf485b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\Crypto\Util\_strxor.pyd
    Filesize

    10KB

    MD5

    5738d83e2a66b6ace4f631a9255f81d9

    SHA1

    5b6ebb0b82738781732cf7cfd497f5aeb3453de2

    SHA256

    f2718adadb6e9958081dcb5570ef737c66772c166a6ad8c0401adcd9a70f46a0

    SHA512

    bb21b62fd7fee22dfa04274d0fa1aec666c7845cd2ec3f01f1a0418a2c68f228ec0ae451c793ccae3aa88f1efee5d6019138c0975497518f990b8511b2fd0e75

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\VCRUNTIME140.dll
    Filesize

    87KB

    MD5

    0e675d4a7a5b7ccd69013386793f68eb

    SHA1

    6e5821ddd8fea6681bda4448816f39984a33596b

    SHA256

    bf5ff4603557c9959acec995653d052d9054ad4826df967974efd2f377c723d1

    SHA512

    cae69a90f92936febde67dacd6ce77647cb3b3ed82bb66463cd9047e90723f633aa2fc365489de09fecdc510be15808c183b12e6236b0893af19633f6a670e66

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\_bz2.pyd
    Filesize

    87KB

    MD5

    92075c2759ac8246953e6fa6323e43fe

    SHA1

    6818befe630c2656183ea7fe735db159804b7773

    SHA256

    e7af6119b56ddd47fd0a909710f7163d7ef4822405fc138d24e6ce9de7a5022f

    SHA512

    7f3a4409859695f53291c96dd487bca2649815bad5f4610c2c6f92777411d39210e293d962573a20dfe73ea15331de7e6c18b017ae1d6f226387eab1fc1f586c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\_cffi_backend.cp37-win_amd64.pyd
    Filesize

    177KB

    MD5

    daccb97b9214bb1366ed40ad583679a2

    SHA1

    89554e638b62be5f388c9bdd35d9daf53a240e0c

    SHA256

    b714423d9cad42e67937531f2634001a870f8be2bf413eacfc9f73ef391a7915

    SHA512

    99fd5c80372d878f722e4bcb1b8c8c737600961d3a9dffc3e8277e024aaac8648c64825820e20da1ab9ad9180501218c6d796af1905d8845d41c6dbb4c6ebab0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\_ctypes.pyd
    Filesize

    131KB

    MD5

    2787764fe3056f37c79a3fc79e620172

    SHA1

    a64d1a047ba644d0588dc4288b74925ed72e6ed4

    SHA256

    41c593c960f3f89b1e1629c6b7bd6171fe306168f816bef02027332a263de117

    SHA512

    1dc5bb470be558c643a3f68e23423697384bc547b1192cd398dff640e28f7df85563bc87643cdcde9b8b4f880f272e13a673a018ae251e100bd99790f993afa0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\_hashlib.pyd
    Filesize

    38KB

    MD5

    7808b500fbfb17c968f10ee6d68461df

    SHA1

    2a8e54037e7d03d20244fefd8247cf218e1d668f

    SHA256

    e2701f4e4a7556adab7415e448070289ba4fe047227f48c3a049d7c3154aff0b

    SHA512

    b4239e792141bcf924f61bfd46033934337079b245f423b34820d36c6599ca35ab06bc525acfff4cafa75e31975fcd0409dedd203377d642fc5dc55ec2c1fa27

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\_lzma.pyd
    Filesize

    251KB

    MD5

    ab582419629183e1615b76fc5d2c7704

    SHA1

    b78ee7e725a417bef50cca47590950e970eae200

    SHA256

    5a45f7cd517ad396a042bc2767ae73221dc68f934e828a9433249924a371ee5e

    SHA512

    3f38441dd0b88b486dafaa1e15d07f0ee467a362c1603071a2fa79de770fa061ced25ca790f0d3139f31178c719cc82ac88601262e2a0ca809708dfa3f6f76ca

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\_queue.pyd
    Filesize

    27KB

    MD5

    a48af48dd880c11673469c1ade525558

    SHA1

    01e9bbcd7eccaa6d5033544e875c7c20f8812124

    SHA256

    a98e9f330eeaf40ef516237ab5bc1efac1fc49ed321a128be78dd3fb8733e0a4

    SHA512

    a535dadb79c1ca10506858226442d1d1fb00e5d6f99afa6b539e2506a6627a7bd624a7ee2bc61f55c974113de80fd7a95e6c18e9402736d32d5099077ca1b913

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\_socket.pyd
    Filesize

    74KB

    MD5

    10cd16bb63862536570c717ffc453da4

    SHA1

    b3ef50d7ac4652b5c35f1d86a0130fb43dd5a669

    SHA256

    e002a1bd6fba44681d557b64d439585dba9820226e1c3da5a62628bbaa930ae3

    SHA512

    55ee581c4005901661efaf9aad6ea39b2b2e265579539d464d62e4209638567b3b9fdd945d0bed0a1047f977d374a5707a970c621ca289077e2d6c5aeca491b1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\_sqlite3.pyd
    Filesize

    84KB

    MD5

    244d92824ef54b139ecd4f2b58a5d9d5

    SHA1

    ff5696f6e3dc42e578a580299ac53d8c5e11d917

    SHA256

    fd55c3e3b2863425050619b8d42fe19cf06c1c8e2e11f7076e1f4422663e6851

    SHA512

    10fba938064bca2b9163d6c0d0a0361d0ebd896e32346cade3e4a439475c223ced59ac8f9c51727d5556149b14990ab62ee6769c35cf067aaac5d63dd5d4688f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\base_library.zip
    Filesize

    762KB

    MD5

    4dbdcd4c1d91ebb19d0520ad80f35d78

    SHA1

    1a2e0de2cb1c5be36d3e7ad691bf6b27436dbdb7

    SHA256

    c74288cc76f67f9f3be2ce61b3c4b1df78b082f4d55dc4dd7b68f6a4803ea47e

    SHA512

    8a298985628c895a67adf9538e92ff7527219163dc1c491f5c250bd36532d66f9d9530c04778d535535eeb0f22dcb4c55d22ab3459b6e827d614ca1e7c647031

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\lazagne.exe.manifest
    Filesize

    1KB

    MD5

    6fe7232e13f5f8307c037b54fe0dcc10

    SHA1

    510075454d9179d1c6669df67f126213aabcb99f

    SHA256

    4996109560a79774034a05b398d64b1b441c49f0f03682c4683554c59dd47e5c

    SHA512

    8893febd884f6411025ff9df7d0ef2dbc756baa93903423e805b5e981273838567f2ea60d072d4d98fe9b2f2c25a85800522cebc5e832a3256d4c10605085725

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\libcrypto-1_1.dll
    Filesize

    3.2MB

    MD5

    bf83f8ad60cb9db462ce62c73208a30d

    SHA1

    f1bc7dbc1e5b00426a51878719196d78981674c4

    SHA256

    012866b68f458ec204b9bce067af8f4a488860774e7e17973c49e583b52b828d

    SHA512

    ae1bdda1c174ddf4205ab19a25737fe523dca6a9a339030cd8a95674c243d0011121067c007be56def4eaeffc40cbdadfdcbd1e61df3404d6a3921d196dcd81e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\pyexpat.pyd
    Filesize

    194KB

    MD5

    02d615171b805cc573b28e17611f663f

    SHA1

    2e63b78316b4eae6ee1c25f1f10fbbb84ecef054

    SHA256

    e60b5cbdf7480db1fc829e05ce45703d43d5ba25fdf7fba21cca1d38b1f3b3a4

    SHA512

    b61cd3d16d1a192016a50342ae71fee8f764c4c156e275a320f74cc4ec65755c91c022231d09a76b59d6225960f5a930f1887003b1d6984beeb5a9648b045427

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\python37.dll
    Filesize

    3.6MB

    MD5

    c4e99d7375888d873d2478769a8d844c

    SHA1

    881e42ad9b7da068ee7a6d133484f9d39519ca7e

    SHA256

    12f26beb439ddf8d56e7544b06a0675d5da6670c02f8f9cede7aad1de71eb116

    SHA512

    a5b79a919f15cda2c295c8da923ffe5dd30408376e459669e4e376b9d4d504d43671518d7085352bb90c4ce4efc6d81c91ac6cedbdaa896f916d80f7346a695b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\select.pyd
    Filesize

    26KB

    MD5

    39b7c056bca546778690b9922315f9ff

    SHA1

    5f62169c8de1f72db601d30b37d157478723859b

    SHA256

    9514b4c40c35396b1952a8acf805e993a3875b37370f44ef36ed33c7151412ef

    SHA512

    229538131d83299ea90652818c99972c1ee692c070e7fea9599420c99dd8ae75fb2367e9509aad23984fe0a8d21221a59bd57493b5cd1d6c7391c3c55d714e94

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\sqlite3.dll
    Filesize

    1.2MB

    MD5

    8e75a7cf495ee6c1381b1f4a7979f736

    SHA1

    b6d250bf8d3b04f5666d2eedb7c6eb96614a0081

    SHA256

    48a58913429af487390f4bf7bb1c6790a0a9980ecc6b7a78238cd685f8a2baad

    SHA512

    78c32021a6c3af8a85acaa20481db9b49cbeccc755123d31b50a207cd5925833e454b3cdfc06b51e4b25f49b27e02693a067933f4d697f830cb3b985eeaf13a2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8162\ucrtbase.dll
    Filesize

    970KB

    MD5

    aad2e99881765464c9ad9ccdbe78f0e0

    SHA1

    8634ce21a2683674210e836822fda448262e2e16

    SHA256

    e6287f7ba5892c99da70e9785d320a665809ca8e657a64b9fef1e8afcfb6a2f9

    SHA512

    68d2e898cdd73a3ad41ef3db7a149588a82629ac0628c07606f009bd6a92a62f9816c995b1794c8a957a4f3c55a72fcab17a400a2f55016a0ee8d773a172d002

    Download Submit