378a445c2995010f1a268b7ff8f311660fc2f8dabca36ff985ebdba11868c99d

Analysis

max time kernel
31s
max time network
31s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
27-09-2024 14:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PeakGen_v2.exe
Size

6.8MB
MD5

14caf40258fa0ab56553184460d1ea85
SHA1

480dcbdb52d0258c38965e55fbfe9650568b23d9
SHA256

378a445c2995010f1a268b7ff8f311660fc2f8dabca36ff985ebdba11868c99d
SHA512

2d1bd9f6619507f7eb4b0b368dd1a03ba24c6a7348e243b8a7c7aaf564045164f2e36c48dc33d035582bfed4ca59de2b9f1d9901a30f18ddb84293e51d553229
SSDEEP

196608:5OX4FMIZETSwjPePdrQJ/Bd1WyYtYPjo:KQETSwvJH1WyUao

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 4 IoCs

pid	Process
1940	PeakGen_v2.exe
1940	PeakGen_v2.exe
1940	PeakGen_v2.exe
1940	PeakGen_v2.exe

Suspicious use of WriteProcessMemory 10 IoCs

description	pid	Process	procid_target
PID 4532 wrote to memory of 1940	4532	PeakGen_v2.exe	86
PID 4532 wrote to memory of 1940	4532	PeakGen_v2.exe	86
PID 1940 wrote to memory of 2192	1940	PeakGen_v2.exe	87
PID 1940 wrote to memory of 2192	1940	PeakGen_v2.exe	87
PID 2192 wrote to memory of 216	2192	cmd.exe	88
PID 2192 wrote to memory of 216	2192	cmd.exe	88
PID 1940 wrote to memory of 3412	1940	PeakGen_v2.exe	89
PID 1940 wrote to memory of 3412	1940	PeakGen_v2.exe	89
PID 1940 wrote to memory of 4780	1940	PeakGen_v2.exe	90
PID 1940 wrote to memory of 4780	1940	PeakGen_v2.exe	90

C:\Users\Admin\AppData\Local\Temp\PeakGen_v2.exe
"C:\Users\Admin\AppData\Local\Temp\PeakGen_v2.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4532
- C:\Users\Admin\AppData\Local\Temp\PeakGen_v2.exe
  "C:\Users\Admin\AppData\Local\Temp\PeakGen_v2.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious use of WriteProcessMemory
  PID:1940
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c mode con: cols=140 lines=30
    3⤵
    - Suspicious use of WriteProcessMemory
    PID:2192
  - - C:\Windows\system32\mode.com
      mode con: cols=140 lines=30
      4⤵
      PID:216
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c cls
    3⤵
    PID:3412
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c cls
    3⤵
    PID:4780

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI45322\VCRUNTIME140.dll

Filesize
106KB

MD5
4585a96cc4eef6aafd5e27ea09147dc6

SHA1
489cfff1b19abbec98fda26ac8958005e88dd0cb

SHA256
a8f950b4357ec12cfccddc9094cca56a3d5244b95e09ea6e9a746489f2d58736

SHA512
d78260c66331fe3029d2cc1b41a5d002ec651f2e3bbf55076d65839b5e3c6297955afd4d9ab8951fbdc9f929dbc65eb18b14b59bce1f2994318564eb4920f286

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI45322\_ctypes.pyd

Filesize
120KB

MD5
bd36f7d64660d120c6fb98c8f536d369

SHA1
6829c9ce6091cb2b085eb3d5469337ac4782f927

SHA256
ee543453ac1a2b9b52e80dc66207d3767012ca24ce2b44206804767f37443902

SHA512
bd15f6d4492ddbc89fcbadba07fc10aa6698b13030dd301340b5f1b02b74191faf9b3dcf66b72ecf96084656084b531034ea5cadc1dd333ef64afb69a1d1fd56

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI45322\base_library.zip

Filesize
1.8MB

MD5
83b06d6f90f33c512eee102a649279f6

SHA1
96e5734c6d26b9ae9ed3fc3251e8c56ed9d468db

SHA256
1a2fd2bb30f1250cb552cb17839f806602da1559e29adbee5508b6e490306a73

SHA512
3404d4a06e75837b4b3b3bc53141e517feca93362e35cb1a18fee8d3799b4ca2e7c4c4a121d535446d05abd09bb9a0eb5577c748db65c544283575e065e64845

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI45322\libffi-8.dll

Filesize
38KB

MD5
0f8e4992ca92baaf54cc0b43aaccce21

SHA1
c7300975df267b1d6adcbac0ac93fd7b1ab49bd2

SHA256
eff52743773eb550fcc6ce3efc37c85724502233b6b002a35496d828bd7b280a

SHA512
6e1b223462dc124279bfca74fd2c66fe18b368ffbca540c84e82e0f5bcbea0e10cc243975574fa95ace437b9d8b03a446ed5ee0c9b1b094147cefaf704dfe978

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI45322\python311.dll

Filesize
5.5MB

MD5
5a5dd7cad8028097842b0afef45bfbcf

SHA1
e247a2e460687c607253949c52ae2801ff35dc4a

SHA256
a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce

SHA512
e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads