Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28-10-2024 19:42

General

  • Target

    ScorpixV2.exe

  • Size

    15.2MB

  • MD5

    4d4883ad07cd5e3a663b3d3874b0ada4

  • SHA1

    fd04146839cc80143e6412d15e5cbf12034bd1a1

  • SHA256

    505476413b096c61d8c6550d07b39cbb12cc2790d277be2801f21207fa4595b0

  • SHA512

    2dfcf29d9ec04d69c07a79ad252496cbf70c572559fd5c6463db546f027ddc75208f4da2a9bdca9c251f40ea002acad88b08a353b5d37a3e634ec67c6baed088

  • SSDEEP

    393216:hdojrsupVxtkS1Lmbu/CwRvlkBbeYbhG2QpsYpa:hdojDHxvf/CwdlKFwvNpa

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ScorpixV2.exe
    "C:\Users\Admin\AppData\Local\Temp\ScorpixV2.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Users\Admin\AppData\Local\Temp\ScorpixV2.exe
      "C:\Users\Admin\AppData\Local\Temp\ScorpixV2.exe"
      2⤵
      • Loads dropped DLL
      PID:2604

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI20962\python310.dll

    Filesize

    1.4MB

    MD5

    76cb307e13fbbfb9e466458300da9052

    SHA1

    577f0029ac8c2dd64d6602917b7a26bcc2b27d2b

    SHA256

    95066c06d9ed165f0b6f34079ed917df1111bd681991f96952d9ee35d37dc615

    SHA512

    f15b17215057433d88f1a8e05c723a480b4f8bc56d42185c67bb29a192f435f54345aa0f6d827bd291e53c46a950f2e01151c28b084b7478044bd44009eced8f

  • memory/2604-24-0x000007FEF59C0000-0x000007FEF5E2E000-memory.dmp

    Filesize

    4.4MB