Overview

overview

10

Static

static

10

666 Executor.exe

windows7-x64

7

666 Executor.exe

windows10-2004-x64

7

Resubmissions

12/10/2024, 10:25 UTC

241012-mf821swbjf 10

12/10/2024, 10:24 UTC

241012-mfpy5szgjr 10

12/10/2024, 10:23 UTC

241012-me1n9azfrj 10

12/10/2024, 10:21 UTC

241012-mdxafawajc 10

12/10/2024, 10:18 UTC

241012-mcd3gavhmb 10

Analysis

  • max time kernel
    15s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    12/10/2024, 10:23 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    666 Executor.exe

  • Size

    17.9MB

  • MD5

    4306bc056d7a49c6fe7db3226ba445d7

  • SHA1

    46d16380247beb8d568e39b12acb3315858c8519

  • SHA256

    d6808dd1bea15672872c5228a9b2b4b2636f83f1e3fdb9448a42904ed5278440

  • SHA512

    c590695d5cdafa2e149cf984950ba5f52dbe97088f29cdec06b51aa7dc891de8e4396bd27d20a4ad932701e18c567276131d66d04968d3e5a074734a8ce9b9d1

  • SSDEEP

    393216:NqPnLFXlr/QMDOETgsvfGiJgOQaDvE6cbqJ0tq:UPLFXN/QREtHCdqJ

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\666 Executor.exe
    "C:\Users\Admin\AppData\Local\Temp\666 Executor.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1728
    • C:\Users\Admin\AppData\Local\Temp\666 Executor.exe
      "C:\Users\Admin\AppData\Local\Temp\666 Executor.exe"
      2⤵
      • Loads dropped DLL
      PID:2252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI17282\python310.dll
    Filesize

    1.4MB

    MD5

    69d4f13fbaeee9b551c2d9a4a94d4458

    SHA1

    69540d8dfc0ee299a7ff6585018c7db0662aa629

    SHA256

    801317463bd116e603878c7c106093ba7db2bece11e691793e93065223fc7046

    SHA512

    8e632f141daf44bc470f8ee677c6f0fdcbcacbfce1472d928576bf7b9f91d6b76639d18e386d5e1c97e538a8fe19dd2d22ea47ae1acf138a0925e3c6dd156378

    Download Submit

  • memory/2252-114-0x000007FEF5D30000-0x000007FEF619E000-memory.dmp

    Filesize

    4.4MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.