Analysis
-
max time kernel
119s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20241023-en -
resource tags
arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system -
submitted
29-10-2024 14:23
Behavioral task
behavioral1
Sample
main.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
main.exe
Resource
win10v2004-20241007-en
General
-
Target
main.exe
-
Size
36.5MB
-
MD5
6f5cb1668158f94f78a0a4b61a3c206c
-
SHA1
e677d189b7a92f847d6e3f656d3bbb48633622a7
-
SHA256
45a46643891dcbb79127ad3d95969a975d5e409413fb9c3633491affc182f8f3
-
SHA512
9d82f1549a05844e886c8e112eea4466a5c754bf7e299feac7f1629e91a6923e3edb41762e5162eee2ea08ba8f27589e5bcf301d03ae332cc5037222edaac63c
-
SSDEEP
786432:s8MdYj/rmTVKqB2cYrlyaBa5/X3QSPTvoIkQr7PniKN6:3jiTkrlyzX3QSPZDrWK0
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
pid Process 2756 main.exe -
resource yara_rule behavioral1/files/0x0006000000015d81-12.dat upx behavioral1/memory/2756-14-0x000007FEF5C20000-0x000007FEF6086000-memory.dmp upx -
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 2712 wrote to memory of 2756 2712 main.exe 28 PID 2712 wrote to memory of 2756 2712 main.exe 28 PID 2712 wrote to memory of 2756 2712 main.exe 28
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.4MB
MD54a6afa2200b1918c413d511c5a3c041c
SHA139ca3c2b669adac07d4a5eb1b3b79256cfe0c3b3
SHA256bec187f608507b57cf0475971ba646b8ab42288af8fdcf78bce25f1d8c84b1da
SHA512dbffb06ffff0542200344ea9863a44a6f1e1b783379e53df18580e697e8204d3911e091deb32a9c94b5599cdd54301b705b74e1f51104151cf13b89d57280a20