Analysis
max time kernel: 117s
max time network: 118s
platform: windows7_x64
resource: win7-20231129-en
resource tags: arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
submitted: 19-06-2024 08:31
Behavioral tasks
behavioral1: sample Redengine Crack.exe, resource win7-20231129-en
behavioral2: sample Redengine Crack.exe, resource win10v2004-20240508-en
behavioral3: sample main.pyc, resource win7-20240508-en
behavioral4: sample main.pyc, resource win10v2004-20240508-en
General
Target: Redengine Crack.exe
Size: 17.0MB
MD5: ab167bc1cb763ad2cfdfc86ee45b9f22
SHA1: 03c9e4fe5f1b789adae9ea0f91789c8ad58aa10c
SHA256: 2da8c55da46f148005b1b6eb5eaf231091b9f05ce4f73085abea04c242d77af4
SHA512: f39cdba1aab81ee29ea44e21857abf5a51a70887ca476768a5abdcd38a721d2fd51915e356c925946d5837a749c4df7229c875b2efe5831f5c3ec4f2545b9d42
SSDEEP: 393216:UxAhZ1FeREWOL2Vmd6m7/m3pz0GzajJBfrSsvItRzxFHkhy7Yc:Um7jeRayVmdRKDEJB2sQtxxFE8
Malware Config
Signatures
Loads dropped DLL (1 IoC)
Processes:
  pid   process
  3056  Redengine Crack.exe
Suspicious use of WriteProcessMemory (3 IoCs)
Processes:
  description                      pid  process              target process
  PID 944 wrote to memory of 3056  944  Redengine Crack.exe  Redengine Crack.exe
  PID 944 wrote to memory of 3056  944  Redengine Crack.exe  Redengine Crack.exe
  PID 944 wrote to memory of 3056  944  Redengine Crack.exe  Redengine Crack.exe
Processes
1. C:\Users\Admin\AppData\Local\Temp\Redengine Crack.exe
   command line: "C:\Users\Admin\AppData\Local\Temp\Redengine Crack.exe"
   PID: 944
   - Suspicious use of WriteProcessMemory
   2. C:\Users\Admin\AppData\Local\Temp\Redengine Crack.exe (child of PID 944)
      command line: "C:\Users\Admin\AppData\Local\Temp\Redengine Crack.exe"
      PID: 3056
      - Loads dropped DLL
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 4.3MB
MD5: 2135da9f78a8ef80850fa582df2c7239
SHA1: aac6ad3054de6566851cae75215bdeda607821c4
SHA256: 324963a39b8fd045ff634bb3271508dab5098b4d99e85e7648d0b47c32dc85c3
SHA512: 423b03990d6aa9375ce10e6b62ffdb7e1e2f20a62d248aac822eb9d973ae2bf35deddd2550a4a0e17c51ad9f1e4f86443ca8f94050e0986daa345d30181a2369