Resubmissions

02-08-2024 17:05

240802-vlzpjaxbrd 7

02-08-2024 17:02

240802-vj9fyssbrr 7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    02-08-2024 17:02

General

  • Target

    TeddyPcFiles/Teddy PC (main).exe

  • Size

    15.4MB

  • MD5

    9476e32ffbaab14a58b721a28f6610ac

  • SHA1

    47c39dcb14418da9d0b8c2e7cb5fbdae4f451f06

  • SHA256

    da47548e770e8f1f2f3ea4805abc0c014a6050a0e9c97112ea0f20a25c4a2b05

  • SHA512

    063bc342e6d99f15bec0621c6551db43c67d0af79fcab32eb99fd77f5f378813037c2bd0284fc578a50053e9634cffd584d8f944016f21f37ede7e89c7a59037

  • SSDEEP

    196608:gD9XaO93xXh04A1HeT39IigwIc0/ajaA0W8/LV2ck3FR0XSOq33NUqfEx:NeXh0h1+TtIiFU/MaHW8p2D0fg62Ex

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TeddyPcFiles\Teddy PC (main).exe
    "C:\Users\Admin\AppData\Local\Temp\TeddyPcFiles\Teddy PC (main).exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Users\Admin\AppData\Local\Temp\TeddyPcFiles\Teddy PC (main).exe
      "C:\Users\Admin\AppData\Local\Temp\TeddyPcFiles\Teddy PC (main).exe"
      2⤵
      • Loads dropped DLL
      PID:2212

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI23202\python311.dll

    Filesize

    5.5MB

    MD5

    d06da79bfd21bb355dc3e20e17d3776c

    SHA1

    610712e77f80d2507ffe85129bfeb1ff72fa38bf

    SHA256

    2835e0f24fb13ef019608b13817f3acf8735fbc5f786d00501c4a151226bdff1

    SHA512

    e4dd839c18c95b847b813ffd0ca81823048d9b427e5dcf05f4fbe0d77b8f7c8a4bd1c67c106402cd1975bc20a8ec1406a38ad4764ab466ef03cb7eb1f431c38a