Overview

overview

7

Static

static

3

fef94c84bc...ec.exe

windows7-x64

7

fef94c84bc...ec.exe

windows10-2004-x64

Analysis

  • max time kernel
    357s
  • max time network
    359s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    10/06/2024, 05:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fef94c84bc97a47f879457fbefcae24df62ebf1171358f22d83444a5e97eedec.exe

  • Size

    13.1MB

  • MD5

    51d76280701cf761e9edc77eb017ed33

  • SHA1

    9d468fc9c3035ed20661bb9fa6dfe3602065459f

  • SHA256

    fef94c84bc97a47f879457fbefcae24df62ebf1171358f22d83444a5e97eedec

  • SHA512

    2c0096ca1cfa3734e6f17229ab88d4e6154f06fa09defc073fba7c297be2b7b18aa262fc5a188121f0f66ed44ed9811eae296264a5736fa519e4446b3fe2db99

  • SSDEEP

    393216:PEkmD6u1+TtIiFTY9Z8D8Ccl6lWCDnlbVkLXKA:P06u1QtIea8DZcIlWCDlMKA

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fef94c84bc97a47f879457fbefcae24df62ebf1171358f22d83444a5e97eedec.exe
    "C:\Users\Admin\AppData\Local\Temp\fef94c84bc97a47f879457fbefcae24df62ebf1171358f22d83444a5e97eedec.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1524
    • C:\Users\Admin\AppData\Local\Temp\fef94c84bc97a47f879457fbefcae24df62ebf1171358f22d83444a5e97eedec.exe
      "C:\Users\Admin\AppData\Local\Temp\fef94c84bc97a47f879457fbefcae24df62ebf1171358f22d83444a5e97eedec.exe"
      2⤵
      • Loads dropped DLL
      PID:2512

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI15242\python312.dll
    Filesize

    6.6MB

    MD5

    3c388ce47c0d9117d2a50b3fa5ac981d

    SHA1

    038484ff7460d03d1d36c23f0de4874cbaea2c48

    SHA256

    c98ba3354a7d1f69bdca42560feec933ccba93afcc707391049a065e1079cddb

    SHA512

    e529c5c1c028be01e44a156cd0e7cad0a24b5f91e5d34697fafc395b63e37780dc0fac8f4c5d075ad8fe4bd15d62a250b818ff3d4ead1e281530a4c7e3ce6d35

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI15242\python312.dll
    Filesize

    6.3MB

    MD5

    65aa22bd95bf07d2a157f59a30ebb09c

    SHA1

    d68f6aba1c59f5b4f649951fe8ab1f1ae30f6acd

    SHA256

    0fff66ded7b9ffff4e2fdfe9292bfd7e2cec62f516e43fe13e7ea1c381a7412e

    SHA512

    e05e99e2852743516428487a05550c86a60085c2fe5ee2afdb8feba2bccf85df22112fe0d859ef0024e2b4301cd0a5edc26823788c0654e5a29e7a733e779ae8

    Download Submit