Analysis
max time kernel: 121s
max time network: 126s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 29-05-2024 13:14
Behavioral task: behavioral1
Sample: Built.exe
Resource: win7-20240221-en
General
Target: Built.exe
Size: 7.4MB
MD5: 2c628deb80a8e0564ab2880b28e18af1
SHA1: 733f8d93a98fb60ce981de24deb7928fc2848e8d
SHA256: b1b3013a32c2d73a5144e0371065a91d04b8a3b227eaf3de75bf41078d903188
SHA512: 8d75e415a11863bee4763b572729d8090a63fa9487550b45a28ba2723cb410735a5cf7e9dc5a3cf857bb0bddb3e7775cca018b4df2d78e77c2e5477fb3509054
SSDEEP: 196608:urPoP9VwiBurErvI9pWjgfPvzm6gsFEB4Aun:PlWyurEUWjC3zDb84Aun
Malware Config
Signatures
Loads dropped DLL 1 IoCs
Processes:
Built.exe
pid | process
2536 | Built.exe
Processes:
resource | yara_rule
C:\Users\Admin\AppData\Local\Temp\_MEI21882\python311.dll | upx
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
Built.exe
description | pid | process | target process
PID 2188 wrote to memory of 2536 | 2188 | Built.exe | Built.exe
PID 2188 wrote to memory of 2536 | 2188 | Built.exe | Built.exe
PID 2188 wrote to memory of 2536 | 2188 | Built.exe | Built.exe
Downloads
Filesize: 1.6MB
MD5: ccdbd8027f165575a66245f8e9d140de
SHA1: d91786422ce1f1ad35c528d1c4cd28b753a81550
SHA256: 503cd34daed4f6d320731b368bbd940dbac1ff7003321a47d81d81d199cca971
SHA512: 870b54e4468db682b669887aeef1ffe496f3f69b219bda2405ac502d2dcd67b6542db6190ea6774abf1db5a7db429ce8f6d2fc5e88363569f15cf4df78da2311