2f92300f7368bd55c68dcbbf9220f0dad9c4c195a4e236d8e18d227cc2218644

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
02-09-2024 05:27

Target

Krampus Modded.exe
Size

9.5MB
MD5

fdde59aaea488147c24627be743bf4c1
SHA1

d41a7a8bcabd05a87d9b2395c81c4ed25f92b361
SHA256

2f92300f7368bd55c68dcbbf9220f0dad9c4c195a4e236d8e18d227cc2218644
SHA512

326ed5b99f164e9f72861f74ef0982d244bc5d8438da90c968331066e47b0ddaa8d0986454f29cf7dcee80b9a115eccc280863c20062868a5a02ff7182ec3b7e
SSDEEP

196608:OKeT6RvPxMJb3tQk5tMeNsHFJMIDJ+gsAGKkR4Db/1:Ty17v5tTYFqy+gs1c

Score

7^/10

upx

Loads dropped DLL 1 IoCs

pid	Process
2988	Krampus Modded.exe

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/files/0x000500000001a382-45.dat	upx
behavioral1/memory/2988-47-0x000007FEF6390000-0x000007FEF67FE000-memory.dmp	upx

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2632 wrote to memory of 2988	2632	Krampus Modded.exe	31
PID 2632 wrote to memory of 2988	2632	Krampus Modded.exe	31
PID 2632 wrote to memory of 2988	2632	Krampus Modded.exe	31

C:\Users\Admin\AppData\Local\Temp\Krampus Modded.exe
"C:\Users\Admin\AppData\Local\Temp\Krampus Modded.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2632
- C:\Users\Admin\AppData\Local\Temp\Krampus Modded.exe
  "C:\Users\Admin\AppData\Local\Temp\Krampus Modded.exe"
  2⤵
  - Loads dropped DLL
  PID:2988

C:\Users\Admin\AppData\Local\Temp\_MEI26322\python310.dll

Filesize
1.4MB

MD5
fc7bd515b12e537a39dc93a09b3eaad6

SHA1
96f5d4b0967372553cb106539c5566bc184f6167

SHA256
461e008b7cdf034f99a566671b87849772873a175aefec6ed00732976f5c4164

SHA512
a8433d5b403f898e4eeebd72fce08ebad066ca60aeb0b70e2ae78377babc2acbbae2ac91ab20f813cce4b1dc58c2ad6b3868f18cc8ac0fe7be2bff020eb73122

Download Submit
memory/2988-47-0x000007FEF6390000-0x000007FEF67FE000-memory.dmp

Filesize
4.4MB

Download