fd8a52dd8dee2d367e831a1ff474baaacd13b2296580b882d14b86162406416a

Resubmissions

29-09-2024 18:53

240929-xjpgwszcrf 10

29-09-2024 18:48

240929-xfv59szbmg 10

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
29-09-2024 18:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

source_prepared.exe
Size

77.8MB
MD5

60ff27fb8cd08e937ba9b6d1b18840b4
SHA1

1da9a0075d366b81446265f63e27bc85553db2a3
SHA256

fd8a52dd8dee2d367e831a1ff474baaacd13b2296580b882d14b86162406416a
SHA512

62f14b688df29729f76a3f34b89e3c1d383ea9f045886791ea8354123448504cb65cb023ebb9f45cf20b806f5848bdcc2c8d2a7661388aa8de1ec2130022c622
SSDEEP

1572864:pvHcRl3WQKmSk8IpG7V+VPhqYdfzE7tlHegiYweyJulZUdg1hjrrRdECV37U:pvHcR5YmSkB05awcf2dMpuxh/rDNo

Score

7^/10

upx

Malware Config

Signatures

Loads dropped DLL 7 IoCs

pid	Process
2100	source_prepared.exe
2100	source_prepared.exe
2100	source_prepared.exe
2100	source_prepared.exe
2100	source_prepared.exe
2100	source_prepared.exe
2100	source_prepared.exe

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x0003000000020b02-1419.dat	upx

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2732 wrote to memory of 2100	2732	source_prepared.exe	30
PID 2732 wrote to memory of 2100	2732	source_prepared.exe	30
PID 2732 wrote to memory of 2100	2732	source_prepared.exe	30

C:\Users\Admin\AppData\Local\Temp\source_prepared.exe
"C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2732
- C:\Users\Admin\AppData\Local\Temp\source_prepared.exe
  "C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"
  2⤵
  - Loads dropped DLL
  PID:2100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI27322\api-ms-win-core-file-l2-1-0.dll

Filesize
21KB

MD5
c17b2ffbfef8e174a4f7c29b102a0986

SHA1
a34e6bcc55f613e6f62ec93234ef2c554e3d2eec

SHA256
70b029b53557fa77b90b57111c21b33617cccf4597ea60a4e93b84df3ea29c86

SHA512
60f55efef717f3be5179f41f019c6d5e1a58f2bb51197cb62b7f6b387a56567463b69efcc33db16ea66ecbd2a3eb2ff9546a47fbce2516efbcdd681c0b3624da

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27322\python312.dll

Filesize
1.7MB

MD5
36e9be7e881d1dc29295bf7599490241

SHA1
5b6746aedac80f0e6f16fc88136bcdcbd64b3c65

SHA256
ebef43e92267a17f44876c702c914aafa46b997b63223ff46b12149fd2a2616e

SHA512
090d4e9092b7fe00180164b6f84b4bd1d1a1e12dc8fea042eaa0e75cc08bb9994c91c3853bedec390208db4ef2e3447cd9be20d7dc20c14e6deb52a141d554cf

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27322\setuptools\_vendor\importlib_metadata-8.0.0.dist-info\INSTALLER

Filesize
4B

MD5
365c9bfeb7d89244f2ce01c1de44cb85

SHA1
d7a03141d5d6b1e88b6b59ef08b6681df212c599

SHA256
ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508

SHA512
d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27322\setuptools\_vendor\jaraco.functools-4.0.1.dist-info\LICENSE

Filesize
1023B

MD5
141643e11c48898150daa83802dbc65f

SHA1
0445ed0f69910eeaee036f09a39a13c6e1f37e12

SHA256
86da0f01aeae46348a3c3d465195dc1ceccde79f79e87769a64b8da04b2a4741

SHA512
ef62311602b466397baf0b23caca66114f8838f9e78e1b067787ceb709d09e0530e85a47bbcd4c5a0905b74fdb30df0cc640910c6cc2e67886e5b18794a3583f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27322\setuptools\_vendor\jaraco.text-3.12.1.dist-info\WHEEL

Filesize
92B

MD5
43136dde7dd276932f6197bb6d676ef4

SHA1
6b13c105452c519ea0b65ac1a975bd5e19c50122

SHA256
189eedfe4581172c1b6a02b97a8f48a14c0b5baa3239e4ca990fbd8871553714

SHA512
e7712ba7d36deb083ebcc3b641ad3e7d19fb071ee64ae3a35ad6a50ee882b20cd2e60ca1319199df12584fe311a6266ec74f96a3fb67e59f90c7b5909668aee1

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI27322\ucrtbase.dll

Filesize
1.1MB

MD5
db441e5850199df76c8243b9e86a9ddb

SHA1
585222bdd82dc6ebf6adbbb1b43a35352a132c3f

SHA256
849f6167339bb3617e1af63268f92bf1343316965e370ea2952b1fd4dae460bf

SHA512
ec20d8570200ef0dc9d9cc1982323b4b57419a02da32841cad4cb408979049ea48b1bc63a9df4f312df0189330accc518184331a56b7a611a372560216abb47f

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI27322\api-ms-win-core-file-l1-2-0.dll

Filesize
22KB

MD5
197c3a52b661aa8644efa7018a57f7a4

SHA1
693ffb2c3cd05f4a0b5a226c8ecb9b24bb933487

SHA256
63c4446f645110551e7191bb18e8d001b5e1f48163690c0515fdb693800aa076

SHA512
a339bff342cdb0e536c2440e33f0ded5e5c01527a8c043499423dbd60a6846727138d59b3edeb73718dabdfb16e606f96e31a409f7ebaed81f635255d8214740

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI27322\api-ms-win-core-localization-l1-2-0.dll

Filesize
22KB

MD5
a5969ee6eef2ae28b62b0cd674e9cdc5

SHA1
53266be1479489c6db7bfec4f3f3375c5caad00d

SHA256
69eb940ab82ed73fbe31a1824a159571adb42ed6d3b13fb9e481c367b440003a

SHA512
6d451676118ac7926c96131c4dc0e63822ce0f38314fbfb130ba5c21782d27d969a1f340c638c94f0115f5bfb83eff18f06c2601d02225fba6dd4efdb2ec2c14

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI27322\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
21KB

MD5
a51217a2e44f0cc387b56040d7a0bbfc

SHA1
40d04e5125ec38b8b334fe2cd006f7fdf26d58eb

SHA256
8b3003b00505dbc0cde18aaf043d9dbbd35f46758a23e3450b8eac4f6b360c59

SHA512
207ed55b4d1cec2b181851342c7284ddc88cc0e9e04fad2c0ef758d604436ed112bd24165a6911abfb9592164e6bb2102d867c5ca62143670284f5fe62c7a11c

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI27322\api-ms-win-core-timezone-l1-1-0.dll

Filesize
22KB

MD5
2607609b7d03453e567d788fbd94270b

SHA1
7a2cf04658f4251982f06f34012b069732d5ea3a

SHA256
c6611e633208807cf05e5b5f2391d870b3ca4f5012e28a31bac4373b45110219

SHA512
022de2afadc9cec41c2982e43f6e52ccccf66d9715c2ef35240d6948793e18eef130ecea24424ff3961f371dd0f452eb9c5748f75c51bd4bd084535b5c6d8a21

Download Submit
memory/2100-1421-0x000007FEF60A0000-0x000007FEF6765000-memory.dmp

Filesize
6.8MB

Download