Overview

overview

7

Static

static

3

akdlsfjkla...ds.exe

windows7-x64

7

akdlsfjkla...ds.exe

windows10-2004-x64

7

main.pyc

windows7-x64

3

main.pyc

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/09/2024, 16:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    akdlsfjkladfjlkadjflkajds.exe

  • Size

    39.7MB

  • MD5

    37c6887077407ebdaf8493132ea76379

  • SHA1

    822ca21dcea8ed5586bd50b671d412d798fa23e0

  • SHA256

    d2dabdf698b9a8150559f58f81f666fcac4b9293c63babf37acb26e37baf5055

  • SHA512

    393c00b17bcd8d48fe70fed488978c57d673dcb5360591a9ee7ac254393be53d122d07430ba721fda74fd3fb7fd3c392c349deca64103aa273e302c358c73b17

  • SSDEEP

    786432:CtMYKF7RJrgPQEErUKWAPd2/ft08gOwTQYK9G36BFDmWKU09fjuqTd0LuJe:vF7Rd89EOAl2/VRgbTQYK9G36BFyWC9M

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\akdlsfjkladfjlkadjflkajds.exe
    "C:\Users\Admin\AppData\Local\Temp\akdlsfjkladfjlkadjflkajds.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Users\Admin\AppData\Local\Temp\akdlsfjkladfjlkadjflkajds.exe
      "C:\Users\Admin\AppData\Local\Temp\akdlsfjkladfjlkadjflkajds.exe"
      2⤵
      • Loads dropped DLL
      PID:2620

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI30282\python310.dll
          Filesize

          4.2MB

          MD5

          384349987b60775d6fc3a6d202c3e1bd

          SHA1

          701cb80c55f859ad4a31c53aa744a00d61e467e5

          SHA256

          f281c2e252ed59dd96726dbb2de529a2b07b818e9cc3799d1ffa9883e3028ed8

          SHA512

          6bf3ef9f08f4fc07461b6ea8d9822568ad0a0f211e471b990f62c6713adb7b6be28b90f206a4ec0673b92bae99597d1c7785381e486f6091265c7df85ff0f9b5

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI30282\ucrtbase.dll
          Filesize

          1.1MB

          MD5

          3b337c2d41069b0a1e43e30f891c3813

          SHA1

          ebee2827b5cb153cbbb51c9718da1549fa80fc5c

          SHA256

          c04daeba7e7c4b711d33993ab4c51a2e087f98f4211aea0dcb3a216656ba0ab7

          SHA512

          fdb3012a71221447b35757ed2bdca6ed1f8833b2f81d03aabebd2cd7780a33a9c3d816535d03c5c3edd5aaf11d91156842b380e2a63135e3c7f87193ad211499

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI30282\api-ms-win-core-file-l1-2-0.dll
          Filesize

          21KB

          MD5

          3473bc217562594b5b126d7aeb9380e9

          SHA1

          b551b9d9aa80be070f577376e484610e01c5171a

          SHA256

          0d8190fd619feb20df123931108d499132f7051f1ebb0ef246082f4c52c88b22

          SHA512

          036b93457ade632ad68264d81ff26ee1156038e234c606882386d6babcbe722a18e9ced1655f97caecaf5fd514e261dafe999a3e9fec00cc677e177f0bf8e203

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI30282\api-ms-win-core-file-l2-1-0.dll
          Filesize

          20KB

          MD5

          50abf0a7ee67f00f247bada185a7661c

          SHA1

          0cddac9ac4db3bf10a11d4b79085ef9cb3fb84a1

          SHA256

          f957a4c261506484b53534a9be8931c02ec1a349b3f431a858f8215cecfec3f7

          SHA512

          c2694bb5d103baff1264926a04d2f0fe156b8815a23c3748412a81cc307b71a9236a0e974b5549321014065e393d10228a0f0004df9ba677f03b5d244a64b528

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI30282\api-ms-win-core-localization-l1-2-0.dll
          Filesize

          21KB

          MD5

          0414909b279ea61ca344edbe8e33e40b

          SHA1

          4ece0dabe954c43f9bd5032de76ec29c47b22e10

          SHA256

          05b0c773a77850f3d50ddb4b82cc4d5f19316fe1aaa65e21b4709ae73f60a28e

          SHA512

          edbd33540cd1ef69f2ce824cfb991903ec6e4edda815f07d610247594ceeb2ebc78f05a44b4de8c5c937191b7e8b2ef221423c06df303d73deea721c25d15eed

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI30282\api-ms-win-core-processthreads-l1-1-1.dll
          Filesize

          21KB

          MD5

          b1ba47d8389c40c2dda3c56cbed14fc5

          SHA1

          2eef9ffa32171d53affa44e3db7727aa383f7fac

          SHA256

          c7277c05dc6b905fad5cb930b0ecfbbc4676b46974b4571e54ca44cb6f6be404

          SHA512

          466e31f17f73bda5149343b23f4966502a8597d2a2e43f9a6c9c32387451d92c6b658ccaae27044e68e4a9fd0ef9c89e32dc7639d59fcf04c596b6abfa09658b

          Download Submit

        • \Users\Admin\AppData\Local\Temp\_MEI30282\api-ms-win-core-timezone-l1-1-0.dll
          Filesize

          21KB

          MD5

          953c63ef10ec30ef7c89a6f0f7074041

          SHA1

          4b4f1ff3085fded9dbd737f273585ad43175b0a3

          SHA256

          c93954167c12e15b58ac95240d2e0a2fbd94561d739d9f6aca906d9c30453496

          SHA512

          b4534785e4d02ad387e3c6082884d438cc4b3cd8758aabcf99620052f5842dbd298351bc1723c274d4f7d3fce0cc940df3d47865fece2f07cdb1151376ba852e

          Download Submit