Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    29/05/2024, 13:35

General

  • Target

    Asus Spoofer.exe

  • Size

    20.0MB

  • MD5

    5a7090bcd6bbe21b0137e3e6d05deb62

  • SHA1

    10c45eae193ce28da991ed8fbda13680dc1fdd26

  • SHA256

    a62fbb8137b590bcf3523ea2e611426570de44a35b90dde23c708923f5b63b83

  • SHA512

    2bf18a57deb9b725c3316b59bf775e3f3f23d48d057b972e2cf69a7b2ee5ab819915bf2a9aecb12192c8e949f42a79c8068dbe6d6a8853285a6f12615a229507

  • SSDEEP

    393216:yv9zcQqKXG5L1V8dXurEUWjc3z9WDcD4jv60bbMemnC:U9gQTXaRkdbc0k4r3bbZmC

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Asus Spoofer.exe
    "C:\Users\Admin\AppData\Local\Temp\Asus Spoofer.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2244
    • C:\Users\Admin\AppData\Local\Temp\Asus Spoofer.exe
      "C:\Users\Admin\AppData\Local\Temp\Asus Spoofer.exe"
      2⤵
      • Loads dropped DLL
      PID:2364

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22442\python311.dll

    Filesize

    1.6MB

    MD5

    069b018273ea88565919dbc1ffd48334

    SHA1

    8037d5ba2bbdad460469457683b8a3474999d990

    SHA256

    c0472e1f16648a3adaba4e012d518a69c74e5649a65097c16eedf0231fd75ee4

    SHA512

    63e0e6a75334b1d4a4c0da76d199ea7f87ebb8ea768f81bd09b2170cd1cb0d8cf979ae6678d8a4359457ff3c676723a6256b54f2a2077cc419fbc9aa7ce484b5

  • memory/2364-105-0x000007FEF5640000-0x000007FEF5C32000-memory.dmp

    Filesize

    5.9MB