8550a6366d48a9a24c0b6e11f97c08b143d8babb034f1401cbabfd30c5d3fb95

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
08/08/2024, 08:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

WallpaperDownloader_en.exe
Size

10.4MB
MD5

c0c4f46f0741a92087954edae65087c9
SHA1

145f5cbfff6807c982b4d9d4d73d09e6ed0acf0d
SHA256

8550a6366d48a9a24c0b6e11f97c08b143d8babb034f1401cbabfd30c5d3fb95
SHA512

ca1f6072beef424858fca67c1e2afa523be900c4c3dff07e1f11ae4378ad977fcd353cba79c40f350238140469ec9d1f6af823fff35fc989073f61be0b07b49d
SSDEEP

196608:jt0A9VjA1HeT39Iig7auDXURuA3dSYf0W8/LsQVdxbTv4q:q4O1+TtIinuARuA3dSjW8YQVDTv4q

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 7 IoCs

pid	Process
2140	WallpaperDownloader_en.exe
2140	WallpaperDownloader_en.exe
2140	WallpaperDownloader_en.exe
2140	WallpaperDownloader_en.exe
2140	WallpaperDownloader_en.exe
2140	WallpaperDownloader_en.exe
2140	WallpaperDownloader_en.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2136 wrote to memory of 2140	2136	WallpaperDownloader_en.exe	31
PID 2136 wrote to memory of 2140	2136	WallpaperDownloader_en.exe	31
PID 2136 wrote to memory of 2140	2136	WallpaperDownloader_en.exe	31

C:\Users\Admin\AppData\Local\Temp\WallpaperDownloader_en.exe
"C:\Users\Admin\AppData\Local\Temp\WallpaperDownloader_en.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2136
- C:\Users\Admin\AppData\Local\Temp\WallpaperDownloader_en.exe
  "C:\Users\Admin\AppData\Local\Temp\WallpaperDownloader_en.exe"
  2⤵
  - Loads dropped DLL
  PID:2140

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI21362\api-ms-win-core-file-l1-2-0.dll

Filesize
22KB

MD5
f72d7e4b41e5733049887ff73a8f1a87

SHA1
23b74ed0544acc9612c9a2e453077c5dc16e1acf

SHA256
8b6d5c7e459e57dde0149dc7207b4b19673b206f1a942f992393f1674d6a333a

SHA512
7a3391affeb78761feef1e0b54d27ccf71754041a7c45a7db0c51ce5ca0f56d5c12a591d841b6ab6e73d12605d22cf925bf372c7a9bc4063e675ab892c24ca91

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI21362\api-ms-win-core-file-l2-1-0.dll

Filesize
21KB

MD5
51885e0559713be0550a6215913e7b26

SHA1
23919da8abaccb1742d5138f2305d1a6008b9031

SHA256
7822dfd45ed7f6fd6cc91e309272b2113f6a948b37c6f9746d07ac4467bcdc6a

SHA512
89abe333c13c57e48e250dcad7cda0e2feac80f692877a21ecffe9768508fc3608c14a027519f51ce274d94e05d07f64518500c48983fc010ce4f4b845c44c65

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI21362\api-ms-win-core-localization-l1-2-0.dll

Filesize
21KB

MD5
794635599ffb9e974cbb7b5293af6d4d

SHA1
7aea4013f08ed9ccf8d08efae4c3a262fd0f5847

SHA256
d74093ffb8f2b461f15253427ec37c2b3168d8b941b3bb1ffe7972d5d1f63b17

SHA512
90b51c4e26ca2315764f56135536e203da1a325ddfe472bdc3ef5ea96bea3ddd6f731b914b7ba800d6d26087a45b6c99c136fcbdf48f6179cc36c6742309aec0

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI21362\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
22KB

MD5
48a4805a8be5cad0aef4eeb7bd84c7ad

SHA1
e724f4fea9b24358e5b385f45304ea7bb80ed143

SHA256
c7005118482a491e969d66e562cd2c1e4e77d68852fe7ce0039f9d1232b88841

SHA512
f30a2db944e0eb9ae329b36ea5e1ecd16fb87f5a5652e31e4c2fa20bae55b9cad110ad88993f08bdf522a8004020d6aff09802ccfc3209d4a2ca6cbff0022090

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI21362\api-ms-win-core-timezone-l1-1-0.dll

Filesize
21KB

MD5
3ced70e57e887c91a803c7b38e3c0fd9

SHA1
b73b70f2798539934929d29a1d4bd935fa56c7ae

SHA256
9f14946327fbe39a120ef9197ab35f94cfe1ac60ad337e70c03a79197a5cff56

SHA512
b0d597b1990c8f9804c847bd65515956feeb1541916180bc306495316b623f614bd05431723f38ac68426e4045f4b21058433c0f0541cd6ae8c1c44404415b19

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI21362\python311.dll

Filesize
5.5MB

MD5
387bb2c1e40bde1517f06b46313766be

SHA1
601f83ef61c7699652dec17edd5a45d6c20786c4

SHA256
0817a2a657a24c0d5fbb60df56960f42fc66b3039d522ec952dab83e2d869364

SHA512
521cde6eaa5d4a2e0ef6bbfdea50b00750ae022c1c7bd66b20654c035552b49c9d2fac18ef503bbd136a7a307bdeb97f759d45c25228a0bf0c37739b6e897bad

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI21362\ucrtbase.dll

Filesize
1.1MB

MD5
1ae0b41c80408f962164997529e80abe

SHA1
1712df1be8ecaeacc8fc2fe9b166268e519dd386

SHA256
75fa827aee40f5af5d2599fa025a43d90e833c540ed5512e7b60b1d04b94ae7b

SHA512
2c77816190848f907ea3907c2d7d3310bbc670c388156de8259616609fefc239234cc435a478c2e92d97f7cf81dc6b7c6e1437054bbcbc030e725ef03f03680e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads