Analysis
max time kernel: 117s
max time network: 122s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 03-06-2024 19:03
Behavioral task: behavioral1
Sample: legendary.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: legendary.exe
Resource: win10v2004-20240508-en
General
Target: legendary.exe
Size: 8.1MB
MD5: 756371a5e646e52ec556fe5c869c5558
SHA1: 11c5a92bc2dc56a07c807c7bca788ba3bc04936a
SHA256: 01ea22ea51749f46a0019657f64fc0d34429fb7cbf9b590c0848c0e0bd9c1f07
SHA512: f74f1b4e91fdbfa6f2a899158c6efffd85181f578f5b46f9b1e07497a9ca990accc5f27e3320e864aad2f003f74804facb78adf3b310fa38da0efbbef8d4617b
SSDEEP: 196608:b5QaoaQQgSfeaICteEroXx7IP0oTcMsABqb6delGEwVS6g3u:9QaoaQQReaInEroXOMogFABqbwe4fVSu
Signatures

Loads dropped DLL (7 IoCs)
Processes: legendary.exe
pid   Process
2488  legendary.exe
2488  legendary.exe
2488  legendary.exe
2488  legendary.exe
2488  legendary.exe
2488  legendary.exe
2488  legendary.exe

Suspicious use of WriteProcessMemory (3 IoCs)
Processes: legendary.exe
description                       pid   Process        procid_target
PID 3024 wrote to memory of 2488  3024  legendary.exe  29
PID 3024 wrote to memory of 2488  3024  legendary.exe  29
PID 3024 wrote to memory of 2488  3024  legendary.exe  29
Downloads