b8a45948f138b56e312f60f0b47690ec72a313f9f7a32aa4ec4776cbbd2cfbd7

Analysis

max time kernel
148s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
03/07/2024, 03:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
Size

7.7MB
MD5

20f0163f6ac8b51b748bb812a651b056
SHA1

9f8a3ee15244628ff5482fc17166d39acdfdfed5
SHA256

b8a45948f138b56e312f60f0b47690ec72a313f9f7a32aa4ec4776cbbd2cfbd7
SHA512

75e6b40049f204333d637d4bf6d0af1a36c6f6f2c081d3b83caa4216fab5651edff4fa7276f3e2069bb3c8749a9560cbd7302b90ebd59317888b8a532da19182
SSDEEP

196608:e/jaNcoP1Han9zfDGjXfZ8bntiKX8pWIFd2cHDs6:eWNP14GR8JxUWmJD

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 46 IoCs

pid	Process
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe

Suspicious use of AdjustPrivilegeToken 3 IoCs

description	pid	Process
Token: 35	4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
Token: 33	4024	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4024	AUDIODG.EXE

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4696	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3144 wrote to memory of 4696	3144	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe	81
PID 3144 wrote to memory of 4696	3144	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe	81
PID 3144 wrote to memory of 4696	3144	20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe	81

C:\Users\Admin\AppData\Local\Temp\20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3144
- C:\Users\Admin\AppData\Local\Temp\20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe
  "C:\Users\Admin\AppData\Local\Temp\20f0163f6ac8b51b748bb812a651b056_JaffaCakes118.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of SetWindowsHookEx
  PID:4696

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x544 0x540
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4024

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI31442\SDL2.dll

Filesize
1.2MB

MD5
3f25925f454362a61705694be43b62c9

SHA1
5794b736c9342b9b4c2e91fd2fc580e87d168664

SHA256
f70051e79801f33793090ee0e99d8d57cb392121064dbe0a6b66b375e3f9b6ea

SHA512
0e7bdb14078125146a00b487db2778ab30901ed121b9b7a9bce3f9e077acb9860c206be44c2319567eb04091744516e8d7b240c4d02f27da517e642c48ffabdb

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\SDL2_image.dll

Filesize
114KB

MD5
129c15c173a927513d2fac86e424f616

SHA1
3b120cf2265f9a2495b6f92b1fdc8d4a9f8d19ab

SHA256
7ddceb00fff15b05ef03adbd1ab6d1514cac6dd4646376a0a94f2248c66f6db7

SHA512
48724632e7f9e7dc466b92584ebb34f2fbc9f48ca4b7391ce6b7ac7d6dd54e61783eb914f6b011e804e9f35a30209e905ba16a172a285f9c1165f1d5a3bb4b66

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\VCRUNTIME140.dll

Filesize
81KB

MD5
aeab74db6bc6c914997f1a8a9ff013ec

SHA1
6b717f23227d158d6aa566498c438b8f305a29b5

SHA256
18ccb2dd8af853f4e6221bb5513e3154ef67ae61cee6ec319a8a97615987dc4b

SHA512
a2832b7720599361e2537f79a2597acb1a2d5633fdfe20a0d1075e9457683fdb1d5676d121c0bf1a825ff99512dcd924254f1151b50aae922acc0cc10f461036

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\_bz2.pyd

Filesize
76KB

MD5
1c52ba084a3723940c0778ab5186893a

SHA1
5150a800f217562490e25dd74d9eead992e10b2d

SHA256
cb008e0a6c65ddb5f20ab96e65285dee874468df203faeafca5e9b4a9f2918dc

SHA512
b397508607a1c7ccef88c6a941398f78ba4f97cf8a32f40764673db34c20eea61364148260d87014348613eb07e959a043b505702437e33927249899bf4522b3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\_ctypes.pyd

Filesize
102KB

MD5
10861d3fa19d7dc3b41eb6f837340782

SHA1
b258d223b444ab994ec2fec95acaa9f82dc3938c

SHA256
6255bab0b7f3e2209a9c8b89a3e1ec1bbc7a29849a18e70c0cf582a63c90bed1

SHA512
ec83134c9bce9cedeee8ebdb8e382fb7f944a7bc9d3bb47c7e3144ef2ef95114a36ac1cc8c0d52f434ee4c359d938a2d7c035e699c4407df728e200de7da4af9

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\_hashlib.pyd

Filesize
31KB

MD5
4f51ed287bbae386090a9bcc3531b2b8

SHA1
26bd991ae8c86b6535bb618c2d20069f6d98e446

SHA256
5b6da4b43c258b459159c4fbc7ad3521b387c377c058fe77ad74ba000606d72e

SHA512
2eb2ccd8e9c333b5179cf8f9fd8520cb3d025e23a10dca3922e28521cfb9a38f9dd95f5d4f2784643eed08925d9008e5238ff9f93bdd39ee55414131186edff8

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\_lzma.pyd

Filesize
143KB

MD5
f91a9f1f2efee2f5dbae42ea5d5d7153

SHA1
2575cc77b51cb080fceed9810a9f4b2903ae1384

SHA256
1f82bb06c79b6b392c92cad87ffa736377fa25cd6d10da8d61441d42c0d0101e

SHA512
df1dfb8c8cee3496a60eeeb6f0d3fe48e1de8af5d04667f9a3124b769e8edd886cc46e6e4d4b277ee5d30f9f70f6f8c755097ddd996573a6817a5bb335de919f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\_socket.pyd

Filesize
64KB

MD5
b3af79bbfd7d5c5285660819792a3a9c

SHA1
1fa470b280ab5751889eaa7bdb7ba37ff1270a06

SHA256
eb6132b253c40d7c3e00b2bbb392a1573075f8bbc0b2d59e2b077d2cfe8b028c

SHA512
dac7da4cd493c0753d477da222c9b1e8c2486a4b6587c7cea45661192f2d51316b6e6f3951ffbbcb83952e51ab61cc79326beacb3d5e8637d13f2831e093f124

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\base_library.zip

Filesize
762KB

MD5
14cd8ce6fe01d5886dd8ea0555d95a40

SHA1
62c470b6b9d183d4f9931dcc5bdf3aec28843817

SHA256
d81b2a9048264cc7f4dae57b40859d35d546f0449d24cb41aae3c4e597edbbe7

SHA512
2b8c500990f08176655e989bad5785a2934c4fcdd05bdf50a559933af4f7fbc8f22553240c67ffe359e4d192af8b5249e3e2029a366f8bd580753ecd44a7693a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\libcrypto-1_1.dll

Filesize
2.1MB

MD5
aad424a6a0ae6d6e7d4c50a1d96a17fc

SHA1
4336017ae32a48315afe1b10ff14d6159c7923bc

SHA256
3a2dba6098e77e36a9d20c647349a478cb0149020f909665d209f548dfa71377

SHA512
aa4b74b7971cb774e4ae847a226cae9d125fadc7cde4f997b7564dff4d71b590dcbc06a7103451b72b2afe3517ab46d3be099c3620c3d591ccbd1839f0e8f94a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\libjpeg-9.dll

Filesize
219KB

MD5
18bcc235d2a04409aeadfaf01f0cbed1

SHA1
1a7633fc27bcfe386e7fc39a9d0e2e0550f6b411

SHA256
d445efdd297e85576bad1e0fb8cebfd4868004c4544f87a2e958a9ecad48bd0c

SHA512
39c9fa69d6142604c9a58a626b271449040547b93041b2cfa9681caafce16bacaeb979cab81e0747bb399e5e69972b8357dc65623fc576087f2dd4a835c171cd

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\libpng16-16.dll

Filesize
194KB

MD5
c156897a9c8616877d199cab89fcd42b

SHA1
35c1cfb564953f2d5ad2d5e698b679221add1b5e

SHA256
71dbd2b080df373b24b869900b96036fa3dd5b0295f5b074e8b27052d73c2794

SHA512
8ede8d33a3cd8de16062812bfaf0d58de2b7ae28e529cf18487e34b4f20a44cf6451cc104d4065a35dd77e66513c1bc3697344844e38f308a874d14bd310c5b6

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pyexpat.pyd

Filesize
158KB

MD5
187cdd3e6152d56986bb523c3a0f7d3e

SHA1
aca59c23e4e4974c37378bc7a2f365467e25c245

SHA256
7f22b82bffb4bd87c8c5dc3357c25b5714264b46ce05f6dc8c1fc4c579dca5fd

SHA512
c0612fb2f5d560055ffb3ec239dd4a8b06edece59e1c35af2da0e5d142643e6fc22ff4f1255cd620092d59958f758b790331163869480aa416026c374193c952

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\base.cp37-win32.pyd

Filesize
23KB

MD5
f2a904284f6d94353ef08bf275625dcf

SHA1
00fd9839572f0fb8648aad732c31a9bf0f4c2330

SHA256
dcd504ac56a5f324b4eab017b5e2ab8ce5ba4a0d029d5ebfdbf6b42f3e3d70ab

SHA512
a090e08e6aebe13fd326a7762695277a1c5c672d6f3403a5619f2790853c5f117ee69f96b64d736f7b6c875f6c78ab907b074b49ccfb925a41fe27e5226cf6d1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\bufferproxy.cp37-win32.pyd

Filesize
15KB

MD5
28f4ec407301c26aefe10ec03503f2b4

SHA1
d9b42d966a9846d5063ee310f8566c37c153e148

SHA256
3cd51cbe68cba75c721a0aedd1ad42c106863f4d4434b56023de52ba706eab70

SHA512
69b05737ae99cad5775baf5d5b6e9288c41109a25769e6c81878a1ae093e8c02b234f87fc171733cd32188ee480b3affdc6aff23a6b7f8a82a5ac0f394362d91

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\color.cp37-win32.pyd

Filesize
26KB

MD5
5efbf37b0fc1011f644f61df045e784f

SHA1
646ec65b8b014f02c9ea16e98ba8d0bc1690d926

SHA256
cc618b00e32c75f04fee445b680089a74e9ae1a2cfc2625c68bb09b01d9be36a

SHA512
df8eed8927800aa172e1950331c50dda9d64ef2db817e98397a2e41a590797e29dbc70872a3d286522f065f688e09d4ac86208f017eebab583d296a9e1481546

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\constants.cp37-win32.pyd

Filesize
39KB

MD5
2b19375d4524baba83a7ae7f461d011d

SHA1
d6809487e296f6fb3ad0e1d4aeb06dcb1a9390d9

SHA256
6d279a74739742748c58f44ca07b3e60043d2e9746bfa9de36163e4a470049ef

SHA512
016754150d0732ce0ae9c15c1ec725edfc377b33a6745592fd1fae18233c57ec76a5c0741ea4e78da2bce4f78e75ea8ae36fa726ca1d71d4aa39744a6b0340e7

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\display.cp37-win32.pyd

Filesize
37KB

MD5
d7e629e79a7ff3e75cf2c3e20ef121d2

SHA1
16227906d8296b8352fac444135da2c5cc9a3468

SHA256
30620691051b6ed2c06df27395c4b3a6dae4028d34fdbb358fec46136f9bdb27

SHA512
c6422b3dd5d6e372f9223b77020cafe37ebcc7ab310046b8230352c58b84fc414676127f2f505cbcd17b52ba457beb6bc2bf9660591d39a59bb579414f1e9fa3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\draw.cp37-win32.pyd

Filesize
37KB

MD5
3361348fe94f051e4a25a5821cc042f1

SHA1
634cae7bce109914fc56ee0b9e1901604d24a7ac

SHA256
48155fbbdee128adbe142c6d44f34cf4d18ef455bd93559728dd9548d0f0cea8

SHA512
d87093d3f0e1d5107843eaeea2081db1a11c20f714366be66baa87f08c8e3e294d2e4a2e0fbf50710648628f72e058cd02d2ea51bddc622a289657c86ecfe6c5

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\event.cp37-win32.pyd

Filesize
29KB

MD5
58da7bb9e58639816c4c14868ddb6439

SHA1
5f814a8d3a703616ca50ba896e5afbeea0f426e2

SHA256
213adc75f07bce0b22e00bd74a533a46699807a65de60f2a426d6cf48f4ba483

SHA512
4ba5b9daff5a9ce413992b6f8882ce0de2088578cb3690e1765d30ffc468686853875460a965923bff19f853d7b80a533abaae02b56c3f00437fe174de11f77c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\image.cp37-win32.pyd

Filesize
23KB

MD5
323bfdd183cdfbd2fb9fb7063c70363f

SHA1
73e5873a00818247b94bb116339a3b2ae3b64185

SHA256
6b972252d257c7f2773360550d992bd51bfc7b88e7fc754f92a1848c6bd85cac

SHA512
803089edd1c54be3861323e8c568f3551db2c3fab95e2d12f49a830338e843a975b6ad8ba93293d0f22a744d6b26663409530a6de6d9c14001508f318781e57d

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\imageext.cp37-win32.pyd

Filesize
16KB

MD5
22690b8fd866574500fdfc3016532abe

SHA1
f2bfa2a0a6d2b1ba7d00a60a15a04d6f00be475b

SHA256
661ddf020b00747d347f3cb04719efa30d9c3d866c785f2dc7c7ed1fc2dc54fb

SHA512
5960d4415521dea4b13b77a2935ee83739256af905808b0aa33352b7998db5c060c2487b9b81ba351cdfab05cba3dcf94e8883148e68a29587ed2d8032202504

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\joystick.cp37-win32.pyd

Filesize
16KB

MD5
1de2a95917764d2ae3a01d73f8c265d7

SHA1
173075429d5b75f576f79bbdaa733b992533dc38

SHA256
714d353e81519f4154b8aa3478f7f1939c182bebbfad01db863b01df0ec4d72f

SHA512
0e72c7212766dd173908d2c9170c56bd61e1cd36287abfea9f1cecd5b355a323c82cdbf33b1859dac9aa9fc90edd101ad7a3d54517677abd3ef609549f9c9b08

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\key.cp37-win32.pyd

Filesize
20KB

MD5
eef544b7ef1bc0ca1df44c3cfe94ad4e

SHA1
b56be157290c554e51a135d3f669945cf9c399a1

SHA256
bc7bd1f07bc8bc86cce829f2e4c602a9cce13309178592222e80db26b49f7da8

SHA512
251ecd67eea642c4029a36b1cbae34add07ed87cb043a60f88468ca39860ef745ccfec713b8f470e19a62d6f1792c56a58a778db560af62d3a285eaddc77ba24

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\math.cp37-win32.pyd

Filesize
54KB

MD5
a38404c395be76ab61cd13528071810b

SHA1
58e522753a3f5dd851d772dd1af252aa7b16d8b5

SHA256
8ecccb1675215efc534dc4efaff21fe1ac53b3acb98ed9011a3dcc4395d35de2

SHA512
8803936fdac2b6410da40d620c43f757f0f6957a04a331a0720aad07b60d70a269d83a61a69da8ca62efeaa8f0873d36843a5c2d1a425c8f744be8b0141fa1e3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\mouse.cp37-win32.pyd

Filesize
15KB

MD5
27d903338f4201b77d4e22fdb0c41af9

SHA1
d2c916019a13e380f2fab6496fb5411d70e84df9

SHA256
47b11adef0c26764ef1e2cff5e072bbf60a407d270c82289cf151cfc0b8af033

SHA512
77bd58ba376ea42e9690592213a7a8471b05e09dc0be9092b4bbde9c399b8578ff3caec3110e958a9f4838141e7f99dc20a493a17b5dfca2ffac0c6528ce8717

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\rect.cp37-win32.pyd

Filesize
29KB

MD5
42604b564237a4cbfe7c0b6a1295d40d

SHA1
7aceae2b8c7ec6aa27d155a4dc81b8551e488dfa

SHA256
8f9f07404099be7ba050a041bbba6ebb6eee733b28d5dea696448e90454891be

SHA512
ee5f7af5ef3db0a500efbd6046e5ea493e6c52b1cbbed248d8e674ab81e751876e271aeef38d8d1910bac8030371ac77788a038e85f15f542a78b471dd386d84

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\rwobject.cp37-win32.pyd

Filesize
15KB

MD5
c8757bc6542ad53e65e9ab6fe25d9299

SHA1
c4f0dc5f4e355e0d5943172974649370f51d19d8

SHA256
5e0e13a1356a5690ea770528d2a2fb5982e0b572a4dbd0484423e734061f366b

SHA512
10620885ca7ac8f9ec2c792227702f4636d4954615f5efb33008ede8d5c0dc9503829bd5ff6690b78aaacf5da45b499e59a516be506b96da35f3cddc49dd666e

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\surface.cp37-win32.pyd

Filesize
212KB

MD5
c7f85fd0614b0d222fbd6a5b342bb0fe

SHA1
cea40604742674f33fdf632fc0a17434095bf286

SHA256
734785bb58e05acd44583eedaca351e833096caa5fad2f29663897f0d7fe67e0

SHA512
29ca22db01002ddbc512ea35825d27681443d3fdce8949d8f82601d7481afa88fab241132371ebe96b48e486f4a15b8540d78622981af8724e77f5bc3e6f3fa2

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\pygame\surflock.cp37-win32.pyd

Filesize
10KB

MD5
5493e8ab11a8bcf79b04de43aa26929f

SHA1
fd181391329c933b4785d70dfbb3caef6a7894eb

SHA256
eac700a8f0b4adcad482a0b376c54efa033980e600e0d4d180c3f96871db5716

SHA512
604d52115db85edca07f3258dc29b5d0ab54aafe51e9eef9cee2a0f33fded6bab7f8a459cee2ec0b9d2e033516d182ed5af95253512643c85930cb1065b81620

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\python37.dll

Filesize
3.3MB

MD5
465089eaced8159ec533e4a37033e227

SHA1
074596adae6f53f33b8297f02e21f6a6f7ac6ff1

SHA256
2b29ae140cb9f08af872acf9e17f785ef99398ef3367549b55242bc064d6ae40

SHA512
55eca0922074162c22fff2b4f97bd2972540fa893b9b02b7d9bfa26345186dbbdaf1fbc37a9eba6366743d0d42fb5bb88e708877dfd57cb02ca4d3a6953cfb81

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\select.pyd

Filesize
23KB

MD5
d3bf89184b94a4120f4f19f5bcd128d6

SHA1
c7f22bb0b957bd7103cf32f8958cfd2145eaa5b8

SHA256
568efdc33f1fcc1af1d030c75fccedc2d9b1fcbf49c239726e2cf49d47add902

SHA512
1da8ebf323d170c5e9f6bfbb738e60119ccc690a08234dd23f2d9c1a33519fd4ad154805b012cca3dc7565bee672d334ca877afe2b5211e2122dd6e1ce337971

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI31442\zlib1.dll

Filesize
101KB

MD5
f43d94bcf96337cb2ea712686f528a25

SHA1
fb746f5f8f4c74b919b809dcf552a65e7b8e50a1

SHA256
aba9686b5fda49381d4250eab2306d77fdd71896c2aa759f0d4a56329bfb36e6

SHA512
fae600471b732f740e46ed052a0a0ee565fdf21fc1403dd5bedea8d7ba844a2336cb393751b39bb5aadc599963543224dea2937dd197522472ce1145e1fe8384

Download Submit
memory/4696-133-0x0000000069A00000-0x0000000069A3E000-memory.dmp

Filesize
248KB

Download
memory/4696-135-0x0000000063080000-0x00000000630A1000-memory.dmp

Filesize
132KB

Download
memory/4696-134-0x0000000068D40000-0x0000000068D77000-memory.dmp

Filesize
220KB

Download
memory/4696-131-0x0000000074CB0000-0x0000000074DF9000-memory.dmp

Filesize
1.3MB

Download
memory/4696-132-0x000000006AA80000-0x000000006AAA4000-memory.dmp

Filesize
144KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads