7ae9f50002ad8be6a792c9474d1f76273d0c8dd9c569d685f72e5eff33bc47fb

Analysis

max time kernel
16s
max time network
17s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
12-10-2024 17:02

Target

Blank_grabber.exe
Size

7.5MB
MD5

a87b075468e0adddb4e9bf7dfc4a9d3f
SHA1

37aafeb89ece8170a9c97ab0beccdeb77d992b82
SHA256

7ae9f50002ad8be6a792c9474d1f76273d0c8dd9c569d685f72e5eff33bc47fb
SHA512

0316bad04047bba56c90984a2635878f4d78d6c996b8f317705cd20f64ac45911fd5ebaef387ee55049852e2811373a048d736353f45bd805505be537b1880ad
SSDEEP

196608:aggVVE6/YwfI9jUC2gYBYv3vbW2+iITx1U6n+:0VVEgIH2gYBgDWJTnz+

Score

7^/10

upx

Loads dropped DLL 1 IoCs

pid	Process
2852	Blank_grabber.exe

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/files/0x0006000000015d14-21.dat	upx
behavioral1/memory/2852-23-0x000007FEF63F0000-0x000007FEF6AB5000-memory.dmp	upx

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2380 wrote to memory of 2852	2380	Blank_grabber.exe	30
PID 2380 wrote to memory of 2852	2380	Blank_grabber.exe	30
PID 2380 wrote to memory of 2852	2380	Blank_grabber.exe	30

C:\Users\Admin\AppData\Local\Temp\Blank_grabber.exe
"C:\Users\Admin\AppData\Local\Temp\Blank_grabber.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2380
- C:\Users\Admin\AppData\Local\Temp\Blank_grabber.exe
  "C:\Users\Admin\AppData\Local\Temp\Blank_grabber.exe"
  2⤵
  - Loads dropped DLL
  PID:2852

C:\Users\Admin\AppData\Local\Temp\_MEI23802\python312.dll

Filesize
1.7MB

MD5
6f7c42579f6c2b45fe866747127aef09

SHA1
b9487372fe3ed61022e52cc8dbd37e6640e87723

SHA256
07642b6a3d99ce88cff790087ac4e2ba0b2da1100cf1897f36e096427b580ee5

SHA512
aadf06fd6b4e14f600b0a614001b8c31e42d71801adec7c9c177dcbb4956e27617fa45ba477260a7e06d2ca4979ed5acc60311258427ee085e8025b61452acec

Download Submit
memory/2852-23-0x000007FEF63F0000-0x000007FEF6AB5000-memory.dmp

Filesize
6.8MB

Download