Overview

overview

7

Static

static

3

engine.exe

windows7-x64

7

engine.exe

windows10-2004-x64

7

flappybird.exe

windows7-x64

7

flappybird.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    14s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    27-07-2024 01:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    engine.exe

  • Size

    5.3MB

  • MD5

    df24730dc186dde0b684cf5b2e2bd276

  • SHA1

    4c4c8e6facc8aa19fed87c390037cdca9b43caad

  • SHA256

    ff79aeeb4aa3caabf124964284a27b999f115255ddaab64ec92ad6af7e68cf52

  • SHA512

    c5cdd469060d681c7d833fd2ca3bb72a010b2c4285da149b2ca1f9792f7f151a1f68d999e17eb42ce8176883a2cef31eff929c43eea3003a1554840be6cb1fff

  • SSDEEP

    98304:mABEbbyXnmoDQztICDtPfeE/joXzKzA0xZRdp3zi5u5D41fopr26/Y1C/aYMbITo:mgEbGXjGICteEroXGzlxZV3Gu5D4S26m

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\engine.exe
    "C:\Users\Admin\AppData\Local\Temp\engine.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:448
    • C:\Users\Admin\AppData\Local\Temp\engine.exe
      "C:\Users\Admin\AppData\Local\Temp\engine.exe"
      2⤵
      • Loads dropped DLL
      PID:1708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\_MEI4482\python310.dll
    Filesize

    4.2MB

    MD5

    384349987b60775d6fc3a6d202c3e1bd

    SHA1

    701cb80c55f859ad4a31c53aa744a00d61e467e5

    SHA256

    f281c2e252ed59dd96726dbb2de529a2b07b818e9cc3799d1ffa9883e3028ed8

    SHA512

    6bf3ef9f08f4fc07461b6ea8d9822568ad0a0f211e471b990f62c6713adb7b6be28b90f206a4ec0673b92bae99597d1c7785381e486f6091265c7df85ff0f9b5

    Download Submit