88fcb4c8c025d8f238ca1716645af7a33dc6df74416ab9a68787297e94609fc1

Analysis

max time kernel
0s
max time network
1s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
22-07-2024 16:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Fucked-By-CodeBoss.exe
Size

5.9MB
MD5

38922cc1aee5439a514ce5b6dacb0037
SHA1

9ad2c7f52801aaf022414604fa19dc196880ce3f
SHA256

715e279f33c33b83bef643b06454d7435bc4e20ce5956243804fc61d4f4aa656
SHA512

7c60d1bd28eaefbe41426857972f8827e948e884bde0cb77bae58c465318ed4800cadd5bebe39e2dbeb555a676d3257969f88c30e88841212a15f670f7704577
SSDEEP

98304:OUEYVJ9FevjYMeBFh5iFIRv2Vb84cfR5N1pocyBQPnRNJe1B+XKRbF8TaksSIhXn:Ozmne9eR5U84cfR5vAGRNJprDsdtZr5H

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 10 IoCs

pid	Process
2068	Fucked-By-CodeBoss.exe
2068	Fucked-By-CodeBoss.exe
2068	Fucked-By-CodeBoss.exe
2068	Fucked-By-CodeBoss.exe
2068	Fucked-By-CodeBoss.exe
2068	Fucked-By-CodeBoss.exe
2068	Fucked-By-CodeBoss.exe
2068	Fucked-By-CodeBoss.exe
2068	Fucked-By-CodeBoss.exe
2068	Fucked-By-CodeBoss.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1724 wrote to memory of 2068	1724	Fucked-By-CodeBoss.exe	31
PID 1724 wrote to memory of 2068	1724	Fucked-By-CodeBoss.exe	31
PID 1724 wrote to memory of 2068	1724	Fucked-By-CodeBoss.exe	31

C:\Users\Admin\AppData\Local\Temp\Fucked-By-CodeBoss.exe
"C:\Users\Admin\AppData\Local\Temp\Fucked-By-CodeBoss.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1724
- C:\Users\Admin\AppData\Local\Temp\Fucked-By-CodeBoss.exe
  "C:\Users\Admin\AppData\Local\Temp\Fucked-By-CodeBoss.exe"
  2⤵
  - Loads dropped DLL
  PID:2068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI17242\python27.dll

Filesize
3.3MB

MD5
4fc438493188550ea7dfb0cc153b4983

SHA1
2e7e79cee5ca14a584c49d7222cecd4a53beac41

SHA256
2ae1f70a99a8f760d3883258f0f69ae759b48270b07036e41b1e887add0c3cfc

SHA512
5f91ddf65fa94129c2e483400327d564a8ce3e3b9dea3a5294fdb6bbd5ee599f89003da8922d1f3904dbab7bd0d4b23fc355f1854e6b34a7f012c1065e88053e

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI17~1\_ctypes.pyd

Filesize
119KB

MD5
28e5d05ab42adb1e7ada35f1eef1b32b

SHA1
0792867716c8a933305455a2c7f39d30807dad65

SHA256
a93e3bfe62afa5062c6257a7f347d715af346ac3aec7999b8d86a9f2580ec176

SHA512
0cb08ec46068e20a2df3fc0e69bceba5b8a807aeb580002e846d9272fea7a6ee24b8f2c571571677b61dd8c58eb998c26a656193798de5075c6943f6d701c569

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI17~1\_hashlib.pyd

Filesize
1.6MB

MD5
6f784c403e2097d11331f8778f6d9d2c

SHA1
64ecd6ee875f89a88204e673acae9547992fd085

SHA256
cda9a6478417629cb40809aad57bd5a884f183333506d00008d16e47368fd633

SHA512
c1fbd548f03a46ee19cd003831bcb53df204cd1c71ab672955a2ff19267c523a17970f8fb9586e712665c09b54c19338037a38a425dacb857aae5b6162fa282c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI17~1\_multiprocessing.pyd

Filesize
34KB

MD5
739e1f883c32b2d197f5b040835c3223

SHA1
7d33199612b687969e7df45845de41bf85c0eb82

SHA256
1b9dc884ebb3d5e2c21434a6d0ac7831bfacda400f4e71d0250cd38dc113fe37

SHA512
c97686b4c50d89a7da16f11b70182af287449e6f4c53e697c42b5b394430ce11a21f0ef77094eeb4ca7bb629ac16cff9c159f578eb70f87f9ddeb6180bdda4ea

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI17~1\_ssl.pyd

Filesize
2.0MB

MD5
9c6d526768f8395aecff0af0d27f0063

SHA1
a580e2782c31ffb9365ea31dce8b337aae9eee07

SHA256
2c4cb4459c37a2152698e19f27350a7dbf56c51509689b1d7a65c60fb5a75751

SHA512
52bc14aa9f6bb6822740b7be98187fba1adf86f484e130ac6df3fad6e456b41288cbb9c8abf9d7af8730e9c0f7438ed362582ee7f39a5cab9cf471bb5b84b9eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI17~1\unicodedata.pyd

Filesize
676KB

MD5
6c38211cc951d7800cb961f4bb16716c

SHA1
fe49ce52862fa87fc6c2ae8731a3c22b69dcd3ba

SHA256
45edce458a292465d784e07a3ffd46580aab0a4f925c40704bc45a60325e7537

SHA512
4eb5daabfdb599e466b17ef541809cae9fb83994be28ba2b3401a79e5b94e6d991aa1821c22f54c6ea90b866ce4f6f9c857053eb4f37b3751dcf25806ed4e674

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI17242\msvcr90.dll

Filesize
629KB

MD5
552cf56353af11ce8e0d10ee12fdcd85

SHA1
6ab062b709f851a9576685fe0410ff9f1a4af670

SHA256
e88299ea1a140ff758163dfff179fff3bc5e90e7cfbbd178d0c886dbad184012

SHA512
122f389e7047b728b27f3c964d34b9c8bcae7c36177122e6aa997a6edadad20b14552879f60667a084d34727cb2c85dd5534b6fa7a451f0ab33555b315335457

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI17~1\_socket.pyd

Filesize
50KB

MD5
f28dc3a4451c29fea272d7ae063425c5

SHA1
ece376146a7115cd5b1ad141a59fff25b6da6a5d

SHA256
a75aa54781de3c97f5b4c2e0389d5ad39602cda6fcd5a3810667a4cf24f4286a

SHA512
746b1b608c457cdf8aa784683533e1220c60dd689f7f5266013f1194e9fd091123eb11d697119b9de65686019176062eb9aba04d2845930369829182a399b5e5

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI17~1\bz2.pyd

Filesize
90KB

MD5
51fdb7790e680a394e9936498d3a73fa

SHA1
fab9f97feee68fbd9225de051349ac3258920fa2

SHA256
985902e0813564981059c2f57282614f5a907dc3df0273ba7bef2ad64123c921

SHA512
594153dd913a3369d310980b0e53bc6a10174e18b0b416dc1b86b2401b4bd94546bee9fbde7421e102490ccba4c8a8d7b91b3df5e3c0506cc98b51bc63e15c50

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI17~1\select.pyd

Filesize
11KB

MD5
c76ccf3e7883917832c3b2fa2b980aa1

SHA1
f35f0424522f3986f5917725b8c0b515bd80bf46

SHA256
417ecb5fe0caf271ae53fd9132f4a6d50cb5304d586548f964a546cd5858f347

SHA512
44e15c8b0d61c2b7f9dba92d0c43acb8d0a27b1c7fc58b9f1a89d39ae7ceabc5b7df5d8b2592949f014e34a04b0592189a5d1fe7551a0b59bd9499c0a7d16d8b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads