163afcd511767e7b807d8cc5ad2941e7e9024f06d2363b4d3083c5940cf1ca30

Analysis

max time kernel
14s
max time network
17s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
25-06-2024 00:43

Target

Scorpix-ExecutorV2.exe
Size

58.3MB
MD5

9fb5617146c2137a37c210974efeea14
SHA1

70e49be609ab961c27989ae3596f8220dfa45a0d
SHA256

163afcd511767e7b807d8cc5ad2941e7e9024f06d2363b4d3083c5940cf1ca30
SHA512

db85d551ac87adc6b70c41de4fd08e2539d1d25953a3f62457e62ad399dea917a75fdd4c192df935b9b33b1e96ab7ac6f9e262fd54e1a791361121e30ff00087
SSDEEP

786432:bXl9/Qm7QqMoknvNpA+vIlo0FdGgrUKvIjjk3ESWqEp+0/pWTPuxBNxGq:bL/QcQqMrlpA+Ql4kvIswqrS5nNxGq

Score

7^/10

upx

Loads dropped DLL 1 IoCs

pid	Process
2088	Scorpix-ExecutorV2.exe

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/files/0x00030000000207fd-736.dat	upx

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2244 wrote to memory of 2088	2244	Scorpix-ExecutorV2.exe	28
PID 2244 wrote to memory of 2088	2244	Scorpix-ExecutorV2.exe	28
PID 2244 wrote to memory of 2088	2244	Scorpix-ExecutorV2.exe	28

C:\Users\Admin\AppData\Local\Temp\Scorpix-ExecutorV2.exe
"C:\Users\Admin\AppData\Local\Temp\Scorpix-ExecutorV2.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2244
- C:\Users\Admin\AppData\Local\Temp\Scorpix-ExecutorV2.exe
  "C:\Users\Admin\AppData\Local\Temp\Scorpix-ExecutorV2.exe"
  2⤵
  - Loads dropped DLL
  PID:2088

C:\Users\Admin\AppData\Local\Temp\_MEI22442\python311.dll

Filesize
1.6MB

MD5
4fcf14c7837f8b127156b8a558db0bb2

SHA1
8de2711d00bef7b5f2dcf8a2c6871fa1db67cf1f

SHA256
a67df621a383f4ce5a408e0debe3ebc49ffc766d6a1d6d9a7942120b8ec054dc

SHA512
7a6195495b48f66c35b273a2c9d7ff59e96a4180ea8503f31c8b131167c6cdddd8d6fe77388a34096964a73c85eab504281a14ae3d05350cfee5c51d2491cec8

Download Submit
memory/2088-738-0x000007FEF6330000-0x000007FEF6918000-memory.dmp

Filesize
5.9MB

Download