001a0ed70a3cfedc033911a1ad57bbaffa8414192096de8833b8c7715d6e83ca

Resubmissions

14-09-2024 16:20

240914-ttj4dashjq 7

13-09-2024 03:18

13-09-2024 03:11

13-09-2024 03:02

13-09-2024 02:59

13-09-2024 02:58

13-09-2024 02:51

Analysis

max time kernel
14s
max time network
20s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
13-09-2024 03:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

local.exe
Size

65.9MB
MD5

ace873090c0b4caa5c83276bed5476fe
SHA1

04a0816c09dabb04271930e3e3e0ffc0830e691b
SHA256

001a0ed70a3cfedc033911a1ad57bbaffa8414192096de8833b8c7715d6e83ca
SHA512

71f9fe31f638678417918e6e3d519477f51c7e7f737c7eff9d918d2d0311860678651fe33548105545565afbe6ceef5ab7117b2b0b7dd221b8d0b0820b83ae0d
SSDEEP

1572864:LWv10LX5WJoWbgWRSgkNOXWxtQSNfiI+sOX6ydPkbVG:LQuX5M3gbcKCW+nX3d8BG

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 7 IoCs

pid	Process
3024	local.exe
3024	local.exe
3024	local.exe
3024	local.exe
3024	local.exe
3024	local.exe
3024	local.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2260 wrote to memory of 3024	2260	local.exe	29
PID 2260 wrote to memory of 3024	2260	local.exe	29
PID 2260 wrote to memory of 3024	2260	local.exe	29

C:\Users\Admin\AppData\Local\Temp\local.exe
"C:\Users\Admin\AppData\Local\Temp\local.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2260
- C:\Users\Admin\AppData\Local\Temp\local.exe
  "C:\Users\Admin\AppData\Local\Temp\local.exe"
  2⤵
  - Loads dropped DLL
  PID:3024

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI22602\api-ms-win-core-file-l1-2-0.dll

Filesize
18KB

MD5
19df2b0f78dc3d8c470e836bae85e1ff

SHA1
03f2b5b848a51ee52980bf8595c559b89865de07

SHA256
bd9e07bbc62ce82dbc30c23069a17fbfa17f1c26a9c19e50fe754d494e6cd0b1

SHA512
c1c2b97f484e640bfdda17f7ed604d0583c3d4eaf21abf35491ccedc37fa4866480b59a692776687e5fda3eaeafb4c7bdb34dec91f996fd377a328a89c8d5724

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI22602\api-ms-win-core-file-l2-1-0.dll

Filesize
18KB

MD5
adb3471f89e47cd93b6854d629906809

SHA1
2cfc0c379fd7f23db64d15bdff2925778ff65188

SHA256
355633a84db0816ab6a340a086fb41c65854c313bd08d427a17389c42a1e5b69

SHA512
f53e11aa35911d226b676d454e873d0e84c189dd1caea8a0fe54d738933cd6b139eca48630f37f5979ef898950d99f3277cba6c7a697103f505d876bea62818c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI22602\api-ms-win-core-localization-l1-2-0.dll

Filesize
20KB

MD5
6b4f2ca3efceb2c21e93f92cdc150a9d

SHA1
2532af7a64ef4b5154752f61290dcf9ebeea290f

SHA256
b39a515b9e48fc6589703d45e14dcea2273a02d7fa6f2e1d17985c0228d32564

SHA512
63a42dd1cb95fd38ddde562108c78e39cb5d7c9406bf749339e717c2cd866f26268d49b6bd966b338de1c557a426a01a24c2480f64762fef587bc09d44ada53b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI22602\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
18KB

MD5
247061d7c5542286aeddade76897f404

SHA1
7285f85440b6eff8731943b73502f58ae40e95a2

SHA256
ccb974c24ddfa7446278ca55fc8b236d0605d2caaf273db8390d1813fc70cd5b

SHA512
23ef467f6bb336d3e8c38000d30a92dac68e2662891863475ff18dbddbbbce909c12d241b86dbdea085e7d19c82cd20d80a60ffb2845f6afebedf06507afe5bc

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI22602\api-ms-win-core-timezone-l1-1-0.dll

Filesize
18KB

MD5
bdd63ea2508c27b43e6d52b10da16915

SHA1
2a379a1ac406f70002f200e1af4fed95b62e7cb8

SHA256
7d4252ab1b79c5801b58a08ce16efd3b30d8235733028e5823f3709bd0a98bcf

SHA512
b0393f0d2eb2173766238d2139ae7dea7a456606f7cb1b0e8bc0375a405bc25d28ef1c804802dddb5c3dbd88cfd047bfa5c93cbb475d1d6b5a9a893b51e25128

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI22602\python312.dll

Filesize
6.6MB

MD5
d521654d889666a0bc753320f071ef60

SHA1
5fd9b90c5d0527e53c199f94bad540c1e0985db6

SHA256
21700f0bad5769a1b61ea408dc0a140ffd0a356a774c6eb0cc70e574b929d2e2

SHA512
7a726835423a36de80fb29ef65dfe7150bd1567cac6f3569e24d9fe091496c807556d0150456429a3d1a6fd2ed0b8ae3128ea3b8674c97f42ce7c897719d2cd3

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI22602\ucrtbase.dll

Filesize
959KB

MD5
34168a4af676d6a5733bbf7a0905d3c7

SHA1
ba63e51ab3cd90666eb9a9bb0232502a5ec629ff

SHA256
2ab2a74bcb5bfd8248d232eb3bc56698fb5173b9ff7fc0daf87d8120d0f448d7

SHA512
c049c166b2b00dc30b0edae5d78badfffea7fb105f0cff9f3ae2c947ddf3ecde6331855b7ebed3f4ce923cc365b053b3a679319b2c6efa85ed0b9a7ddb5676ab

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads