Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240729-en locale:en-us os:windows7-x64 system
  • submitted
    03-10-2024 18:43

General

  • Target

    crack.exe

  • Size

    10.3MB

  • MD5

    4fe30a23c39ba018087953089e06e700

  • SHA1

    4a78d78c1f454a7f3d91413184ac061458c30d64

  • SHA256

    12198899a031241840756a8eed1015904555bc04728dace270c4734c02e64030

  • SHA512

    f62fd43cef647672debbe5a22a1461a885ad53e8f56ce426020f73064bfbf703d697e3a9e87ed5b4d8ec0b422c451477378bc7779460332bb02960349bd3ff05

  • SSDEEP

    196608:bACTH0W8/LgVEyXMCHGLLc54i1wN+ojXx5nDasqWQ2dTNUG2ZXxHMB1l/6zilb+c:ECIW8cVEyXMCHWUjAjx5WsqWxT45xHM5

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\crack.exe
    "C:\Users\Admin\AppData\Local\Temp\crack.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2264
    • C:\Users\Admin\AppData\Local\Temp\crack.exe
      "C:\Users\Admin\AppData\Local\Temp\crack.exe"
      2⤵
      • Loads dropped DLL
      PID:2956

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22642\python312.dll

    Filesize

    6.6MB

    MD5

    166cc2f997cba5fc011820e6b46e8ea7

    SHA1

    d6179213afea084f02566ea190202c752286ca1f

    SHA256

    c045b57348c21f5f810bae60654ae39490846b487378e917595f1f95438f9546

    SHA512

    49d9d4df3d7ef5737e947a56e48505a2212e05fdbcd7b83d689639728639b7fd3be39506d7cfcb7563576ebee879fd305370fdb203909ed9b522b894dd87aacb