935a951302e7d7f90234307acaa2554519d6f9277fc5cfc177658a24c54de3fe | Triage

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
11-08-2024 14:34

Sharing

Report Analysis Logs

General

Target

index.exe
Size

6.2MB
MD5

8a35dde5ab743a95a11cde36627184e5
SHA1

6ed50962db153218fae913a94100596d54957385
SHA256

3dfd229b92521bba1b1f546e259ad3129b939142be21a60f5beb79f452f768ea
SHA512

8fa3c695cb049337c279fec451d53d8295810fb1ed7917cc35fd1be2b29ee1f3a5ed41026ef03804de4d6fe14bf89ef7dbce2bfff9d3d8eaac1f4322c5a2667d
SSDEEP

196608:rHVhmayICteErowdNE+sKsXXgvkCe7Yt8wUhUu:6InEro+sKkXgsZocR

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
2272	index.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2112 wrote to memory of 2272	2112	index.exe	30
PID 2112 wrote to memory of 2272	2112	index.exe	30
PID 2112 wrote to memory of 2272	2112	index.exe	30

C:\Users\Admin\AppData\Local\Temp\index.exe
"C:\Users\Admin\AppData\Local\Temp\index.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2112
- C:\Users\Admin\AppData\Local\Temp\index.exe
  "C:\Users\Admin\AppData\Local\Temp\index.exe"
  2⤵
  - Loads dropped DLL
  PID:2272

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI21122\python310.dll

Filesize
4.3MB

MD5
316ce972b0104d68847ab38aba3de06a

SHA1
ca1e227fd7f1cfb1382102320dadef683213024b

SHA256
34f0e44a0d089587e1ea48c1cc4c3164a1819c6db27a7c1b746af46d6388c26e

SHA512
a11da6590a71d977c62b1c26c275763413f6a455e6d85fa052654d05d845dbbe8122bbd8e0a23887f9873d4291382ebbd5df19674ad2dda1cf0ff3206054939b

Download Submit