Overview

overview

7

Static

static

3

wSpam1.1.exe

windows7-x64

7

wSpam1.1.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    27/07/2024, 10:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    wSpam1.1.exe

  • Size

    23.6MB

  • MD5

    0a6cfc7c55a66793dd61734e855948ab

  • SHA1

    88fba9035dcd422b12610f12d6dbe2c3b0164a5c

  • SHA256

    48a1672eef39c1f4d3330beb8737c13c0630066b7e7f6c803cfb6e5cdd903645

  • SHA512

    714600b9bc4d16015932ebe729486a1570bff25af613e101f8ea597540b73ea49a9cb78bb875f0ca974afce33daa4998571b3ffe38dc4b87d97d80844fed1566

  • SSDEEP

    393216:+Vxw9BNWNPR9c5hlERo2WtYjUaNRDHvcrwhvr+bUn2KekLTa/WViHXAdZYygtN3a:uxMcbEhkVfjrRj0r6+bUnoFXAdZgtN3z

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\wSpam1.1.exe
    "C:\Users\Admin\AppData\Local\Temp\wSpam1.1.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Users\Admin\AppData\Local\Temp\wSpam1.1.exe
      "C:\Users\Admin\AppData\Local\Temp\wSpam1.1.exe"
      2⤵
      • Loads dropped DLL
      PID:2376

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI23682\python39.dll
          Filesize

          4.3MB

          MD5

          11c051f93c922d6b6b4829772f27a5be

          SHA1

          42fbdf3403a4bc3d46d348ca37a9f835e073d440

          SHA256

          0eabf135bb9492e561bbbc5602a933623c9e461aceaf6eb1ceced635e363cd5c

          SHA512

          1cdec23486cffcb91098a8b2c3f1262d6703946acf52aa2fe701964fb228d1411d9b6683bd54527860e10affc0e3d3de92a6ecf2c6c8465e9c8b9a7304e2a4a6

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI23682\wSpam1.1.exe.manifest
          Filesize

          1KB

          MD5

          c8fbcad2e10bf2a2ef0f8bbd6f64e9d6

          SHA1

          3309fe52c62e303c1ff527b30dcb74bb0a5163e0

          SHA256

          220bc0a793dfdcc134c799b8a1dc434f8be0e75d791c4b0fe7c34fdcc0fcdbc5

          SHA512

          8b2bfd14549dc0c016e0a4dcd4b6562b7884c402613b67b2c18f7833b6bc0720a766572bb425b90921c84f4dc0cf2b8b55faedfba22a8b1c9deb801edbd6b310

          Download Submit