Overview

overview

7

Static

static

3

main.exe

windows7-x64

7

main.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    16s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    02/06/2024, 23:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    main.exe

  • Size

    13.9MB

  • MD5

    e83f75c3a826f6620dfd0e0d70088a9a

  • SHA1

    2abd692e332d25bee1d28b9a73434eedb04c43ab

  • SHA256

    138a520efa4b99a58f2f81676c19f09d3e6078cb280b0bdf500fa85138bd71a0

  • SHA512

    0220b24c4718b9cb4e8517dcc03a10a1702a23a46421c90416f52485d39ba7a7d44ea3da772c60d4da7a0d111ee7d8eb15c6e10bb95bfb6ed9cc7f2557ba735f

  • SSDEEP

    393216:CpC+Kmr2pu0tTNk3meOcGfd8nB1enWuMK/:F+Kmr2puIha85FgCqA

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\main.exe
    "C:\Users\Admin\AppData\Local\Temp\main.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1624
    • C:\Users\Admin\AppData\Local\Temp\main.exe
      "C:\Users\Admin\AppData\Local\Temp\main.exe"
      2⤵
      • Loads dropped DLL
      PID:2848

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI16242\api-ms-win-core-file-l1-2-0.dll
          Filesize

          12KB

          MD5

          49e3260ae3f973608f4d4701eb97eb95

          SHA1

          097e7d56c3514a3c7dc17a9c54a8782c6d6c0a27

          SHA256

          476fbad616e20312efc943927ade1a830438a6bebb1dd1f83d2370e5343ea7af

          SHA512

          df22cf16490faa0dc809129ca32eaf1a16ec665f9c5411503ce0153270de038e5d3be1e0e49879a67043a688f6c42bdb5a9a6b3cea43bf533eba087e999be653

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI16242\api-ms-win-core-localization-l1-2-0.dll
          Filesize

          15KB

          MD5

          71457fd15de9e0b3ad83b4656cad2870

          SHA1

          c9c2caf4f9e87d32a93a52508561b4595617f09f

          SHA256

          db970725b36cc78ef2e756ff4b42db7b5b771bfd9d106486322cf037115bd911

          SHA512

          a10fcf1d7637effff0ae3e3b4291d54cc7444d985491e82b3f4e559fbb0dbb3b6231a8c689ff240a5036a7acae47421cda58aaa6938374d4b84893cce0077bc8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI16242\api-ms-win-core-processthreads-l1-1-1.dll
          Filesize

          13KB

          MD5

          e93816c04327730d41224e7a1ba6dc51

          SHA1

          3f83b9fc6291146e58afce5b5447cd6d2f32f749

          SHA256

          ca06ccf12927ca52d8827b3a36b23b6389c4c6d4706345e2d70b895b79ff2ec8

          SHA512

          beaab5a12bfc4498cdf67d8b560ef0b0e2451c5f4634b6c5780a857666fd14f8a379f42e38be1beefa1c3578b2df913d901b271719ac6794bfaab0731bb77bca

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI16242\python311.dll
          Filesize

          5.5MB

          MD5

          58e01abc9c9b5c885635180ed104fe95

          SHA1

          1c2f7216b125539d63bd111a7aba615c69deb8ba

          SHA256

          de1b95d2e951fc048c84684bc7df4346138910544ee335b61fc8e65f360c3837

          SHA512

          cd32c77191309d99aeed47699501b357b35669123f0dd70ed97c3791a009d1855ab27162db24a4bd9e719b68ee3b0539ee6db88e71abb9a2d4d629f87bc2c081

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI16242\ucrtbase.dll
          Filesize

          994KB

          MD5

          8e7680a8d07c3c4159241d31caaf369c

          SHA1

          62fe2d4ae788ee3d19e041d81696555a6262f575

          SHA256

          36cc22d92a60e57dee394f56a9d1ed1655ee9db89d2244a959005116a4184d80

          SHA512

          9509f5b07588a08a490f4c3cb859bbfe670052c1c83f92b9c3356afa664cb500364e09f9dafac7d387332cc52d9bb7bb84ceb1493f72d4d17ef08b9ee3cb4174

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI16242\api-ms-win-core-file-l2-1-0.dll
          Filesize

          12KB

          MD5

          7f14fd0436c066a8b40e66386ceb55d0

          SHA1

          288c020fb12a4d8c65ed22a364b5eb8f4126a958

          SHA256

          c78eab8e057bddd55f998e72d8fdf5b53d9e9c8f67c8b404258e198eb2cdcf24

          SHA512

          d04adc52ee0ceed4131eb1d133bfe9a66cbc0f88900270b596116064480afe6ae6ca42feb0eaed54cb141987f2d7716bb2dae947a025014d05d7aa0b0821dc50

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI16242\api-ms-win-core-timezone-l1-1-0.dll
          Filesize

          13KB

          MD5

          acf40d5e6799231cf7e4026bad0c50a0

          SHA1

          8f0395b7e7d2aac02130f47b23b50d1eab87466b

          SHA256

          64b5b95fe56b6df4c2d47d771bec32bd89267605df736e08c1249b802d6d48d1

          SHA512

          f66a61e89231b6dc95b26d97f5647da42400bc809f70789b9afc00a42b94ea3487913860b69a1b0ee59ed5eb62c3a0cade9e21f95da35fdd42d8ce51c5507632

          Download Submit