Analysis
- max time kernel: 362s
- max time network: 366s
- platform: windows7_x64
- resource: win7-20240708-en
- resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
- submitted: 02-08-2024 16:52
Behavioral task: behavioral1
- Sample: picgnp.scr
- Resource: win7-20240708-en

Behavioral task: behavioral2
- Sample: picgnp.scr
- Resource: win10v2004-20240802-en

Behavioral task: behavioral3
- Sample: source_prepared.pyc
- Resource: win7-20240704-en

Behavioral task: behavioral4
- Sample: source_prepared.pyc
- Resource: win10v2004-20240802-en
General
- Target: picgnp.scr
- Size: 103.4MB
- MD5: 7fd990bec5ae21e2e4f0d750a32be33c
- SHA1: a8229c4bdc1c9caef286bd2318937bf230c37948
- SHA256: 1e06cfab030ab6f15445eb936f6031f86984e86e6f9c6876bd568015813c79ad
- SHA512: b9d1c85f2b0aee82f8cdbbb7300af2da86c263189220ef67c01c0abc0ed72e22b7aec8fabce9a9cfd7c91cf91de49ed944795ab2c0017345d9edb7bface1a431
- SSDEEP: 3145728:GgOb8S6xjKcBaIc2qHO5iVY2nGQbRe0zJcBWSs9U:CgSWNaIsHCiH1XcBWP
Malware Config
Signatures
- Loads dropped DLL (1 IoC)
  Processes:
    pid 2136, process picgnp.scr
- Suspicious use of WriteProcessMemory (3 IoCs)
  Processes (description; pid, process; target PID, target process):
    PID 2688 wrote to memory of 2136; 2688 picgnp.scr; 2136 picgnp.scr
    PID 2688 wrote to memory of 2136; 2688 picgnp.scr; 2136 picgnp.scr
    PID 2688 wrote to memory of 2136; 2688 picgnp.scr; 2136 picgnp.scr
Downloads
- Filesize: 6.6MB
  MD5: d521654d889666a0bc753320f071ef60
  SHA1: 5fd9b90c5d0527e53c199f94bad540c1e0985db6
  SHA256: 21700f0bad5769a1b61ea408dc0a140ffd0a356a774c6eb0cc70e574b929d2e2
  SHA512: 7a726835423a36de80fb29ef65dfe7150bd1567cac6f3569e24d9fe091496c807556d0150456429a3d1a6fd2ed0b8ae3128ea3b8674c97f42ce7c897719d2cd3
- Filesize: 4B
  MD5: 365c9bfeb7d89244f2ce01c1de44cb85
  SHA1: d7a03141d5d6b1e88b6b59ef08b6681df212c599
  SHA256: ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508
  SHA512: d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1