6477adf8affe7a65c8fca2a853fafe8236fc56b6edaead08b4364920458ba8c1 | Triage

Analysis

max time kernel
1566s
max time network
1568s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
02/06/2024, 18:29

Sharing

Report Analysis Logs

General

Target

StickFightMenu/main.exe
Size

8.0MB
MD5

5926f9875dd78af6d002119eba145453
SHA1

3d0fda28b3ba91d1fde55ac35c5c062703e8ca11
SHA256

5ca8f179c93904d95293e1cea5100526c90ac707f43ce89250ec879642464371
SHA512

0208618425beb8a4ce2d14527b2e5c341c446865a68295ffd91d3a57e9e9f8a89515ed6703ba4e0cbfad77d79166b38834012dbf5b7aa2706ccfbfb54777ffa6
SSDEEP

196608:bbL2VsLZy7YM30Lzajk/1k0W8/L13+dgScCpvGn:vL2Vu0GzajaDW8B3+d9p

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
988	main.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2192 wrote to memory of 988	2192	main.exe	28
PID 2192 wrote to memory of 988	2192	main.exe	28
PID 2192 wrote to memory of 988	2192	main.exe	28

C:\Users\Admin\AppData\Local\Temp\StickFightMenu\main.exe
"C:\Users\Admin\AppData\Local\Temp\StickFightMenu\main.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2192
- C:\Users\Admin\AppData\Local\Temp\StickFightMenu\main.exe
  "C:\Users\Admin\AppData\Local\Temp\StickFightMenu\main.exe"
  2⤵
  - Loads dropped DLL
  PID:988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI21922\python39.dll

Filesize
4.3MB

MD5
2135da9f78a8ef80850fa582df2c7239

SHA1
aac6ad3054de6566851cae75215bdeda607821c4

SHA256
324963a39b8fd045ff634bb3271508dab5098b4d99e85e7648d0b47c32dc85c3

SHA512
423b03990d6aa9375ce10e6b62ffdb7e1e2f20a62d248aac822eb9d973ae2bf35deddd2550a4a0e17c51ad9f1e4f86443ca8f94050e0986daa345d30181a2369

Download Submit