9d70d5d424acd8f68100f8b5bf3dbb72fe97b752f2493b27cdac3c8259cdad87

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
13-09-2024 17:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Discord_audio_Monitor.exe
Size

17.5MB
MD5

79b4cf9b462e0fa4c926644d6e5b05c7
SHA1

044e82889280f22926378b769273275b1bb08c47
SHA256

9d70d5d424acd8f68100f8b5bf3dbb72fe97b752f2493b27cdac3c8259cdad87
SHA512

e8b623aef80176418fba8748a0b25e4f73fffda3e1a364ff396620b5e9b13f18c9fd20bd54e3888882e1abf7048892c9d43efadcae46a2cd854a4c9673ca5f3d
SSDEEP

393216:M0b/2dQusluEclExBZIvLjBpLLTxY4PZxYfq9k+T/wLZ5S0:n2dQuWxBZkxpnlNhxYC6gJ0

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 7 IoCs

pid	Process
2312	Discord_audio_Monitor.exe
2312	Discord_audio_Monitor.exe
2312	Discord_audio_Monitor.exe
2312	Discord_audio_Monitor.exe
2312	Discord_audio_Monitor.exe
2312	Discord_audio_Monitor.exe
2312	Discord_audio_Monitor.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2484 wrote to memory of 2312	2484	Discord_audio_Monitor.exe	31
PID 2484 wrote to memory of 2312	2484	Discord_audio_Monitor.exe	31
PID 2484 wrote to memory of 2312	2484	Discord_audio_Monitor.exe	31

C:\Users\Admin\AppData\Local\Temp\Discord_audio_Monitor.exe
"C:\Users\Admin\AppData\Local\Temp\Discord_audio_Monitor.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2484
- C:\Users\Admin\AppData\Local\Temp\Discord_audio_Monitor.exe
  "C:\Users\Admin\AppData\Local\Temp\Discord_audio_Monitor.exe"
  2⤵
  - Loads dropped DLL
  PID:2312

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI24842\api-ms-win-core-file-l1-2-0.dll

Filesize
13KB

MD5
309ff152e830995a7978da8b20ebb318

SHA1
7daaf752d511b0fdae74008a5d0808f51553f21e

SHA256
940a9a02e564e2ce13280b78f4aa7b794b97685830edf2be3fbb0aecfdee707d

SHA512
565ea894214b88ea1a50779a1f36db2cbeb0aaf77a24d92b3d66c1ddab2dc57876205aa02721f79d3d4d01012df7347b62f4b8504f65915e07170b6901a7679c

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24842\api-ms-win-core-file-l2-1-0.dll

Filesize
13KB

MD5
1e10f8ae883cdf8fc5fe166e61bd4c45

SHA1
5bc3de1f03674a32b309869a5f1b48d89790ff40

SHA256
e9e0a414c092ac237ee2c0e5f167efe9ff5e62314a5eb529011f85bdf7c0b2b7

SHA512
2ab555986a57f7fda8e284d472d1c1ca583e2415b6e9deccb0f1b0c72ce81fcddb1c733dc0b8f9d0f3ab8eae21864080c9091202ff99655534019b28a3ea866a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24842\api-ms-win-core-localization-l1-2-0.dll

Filesize
15KB

MD5
d13d82a9f3a0ee74f5c778ea50de9d4b

SHA1
afbf2470f0d46caf56f792ee10f6e86d58fc1aef

SHA256
139594138f923f34192b84edd810a6292eeb880e7797aeb3b9f22e69613426cf

SHA512
8544c73b9fb957ce0af9c112e0e06f3548525995d242098bf54c6d9e1a9822b1687bb5c32f85a7496632bfcabd4982ad8d573d74e1dc500c51cbd51558f8d6ba

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24842\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
13KB

MD5
e105a7a95c3446b76a521c741ab03d1b

SHA1
b8371e3d938daca45bfd7ef2101e6fabd0e2450d

SHA256
a2947ba9d0c5510a62f685c839990cbe4ec43e2c7b38e20938420b562229090f

SHA512
10d4ed9e7a47d21bf04bb6c3b181e66528755601b1b748d2c23c20c9543f18e2cc2e87e133db5569b19d04748356891159ba210c1e3e719bb6dafce054a7c55a

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24842\api-ms-win-core-timezone-l1-1-0.dll

Filesize
13KB

MD5
e27aa1ee2a6b5aa8d746ceed7095fdaf

SHA1
e7bc272932c30c494e672bc2871bbc26d2c758b6

SHA256
31e96eaf08a5dad4afe4304c97d18aefdfdc22c444c9f67be272f8e6282aa76a

SHA512
4c075c2ebab277480a05108588155d6f669c32d0bffd4264bc4d316fbaee613f940ffe4432ff906346f4290c5e379c7449a989c932834aed4c3f972d905b59e1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24842\python310.dll

Filesize
4.3MB

MD5
deaf0c0cc3369363b800d2e8e756a402

SHA1
3085778735dd8badad4e39df688139f4eed5f954

SHA256
156cf2b64dd0f4d9bdb346b654a11300d6e9e15a65ef69089923dafc1c71e33d

SHA512
5cac1d92af7ee18425b5ee8e7cd4e941a9ddffb4bc1c12bb8aeabeed09acec1ff0309abc41a2e0c8db101fee40724f8bfb27a78898128f8746c8fe01c1631989

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI24842\ucrtbase.dll

Filesize
987KB

MD5
28647d8fb402416cb1c986894d849c50

SHA1
bf0eaa587001214a4d6e6876b8adfcb49254450b

SHA256
b3591e2ba725934a1a659882444b85b186da44d2dddaba3b66587dd3f97364ab

SHA512
689346b9d9fa2f93a5d50af15eee9cc18ee819c00986dabbdd102126556466adecc412a8c539a8d22239cddccc1c3d3dd5783dff047f593bfd7be761c0ab9b12

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads