Resubmissions

22-08-2024 15:14

240822-smnbsatepf 10

Analysis

  • max time kernel
    12s
  • max time network
    21s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    22-08-2024 15:14

General

  • Target

    Injector.exe

  • Size

    152.0MB

  • MD5

    27f2dbc37cba31780461ca971834c470

  • SHA1

    c369476c5c7e31dd22e78ed049c3f762f5e14e4c

  • SHA256

    c5f513dc12c9ef48e960d235428575de55c4c45091c9ecac3a1af5a7ea10f9fa

  • SHA512

    f7a68816a6c053b3bf762a1ca12e43dcbdc6098eaf8ed2101674e4c4d06d1f7ac57f220f9f9da4a95b4903c6a213961bd6ecec59cc5ce6dcddf2c1e576af513f

  • SSDEEP

    1572864:KYLX5WJoWbgWRSgkNOXWxtQSNBasQIEzSmySOI+Br26VGnz1QrKMcsEkKFcwe:nX5M3gZcKCRsqzSmySb+I6deMfEkzwe

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Injector.exe
    "C:\Users\Admin\AppData\Local\Temp\Injector.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2664
    • C:\Users\Admin\AppData\Local\Temp\Injector.exe
      "C:\Users\Admin\AppData\Local\Temp\Injector.exe"
      2⤵
      • Loads dropped DLL
      PID:2620

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI26642\python311.dll

    Filesize

    5.5MB

    MD5

    58e01abc9c9b5c885635180ed104fe95

    SHA1

    1c2f7216b125539d63bd111a7aba615c69deb8ba

    SHA256

    de1b95d2e951fc048c84684bc7df4346138910544ee335b61fc8e65f360c3837

    SHA512

    cd32c77191309d99aeed47699501b357b35669123f0dd70ed97c3791a009d1855ab27162db24a4bd9e719b68ee3b0539ee6db88e71abb9a2d4d629f87bc2c081