Overview

overview

10

Static

static

10

homework.exe

windows7-x64

7

homework.exe

windows10-2004-x64

9

Resubmissions

29-10-2024 19:47

241029-yhrrasxnfv 10

29-10-2024 19:15

241029-xx766aybqa 10

29-10-2024 18:03

241029-wm2qyswpdw 10

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    29-10-2024 18:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    homework.exe

  • Size

    75.9MB

  • MD5

    c13c073051e361c103efae69e8d7b0d3

  • SHA1

    109794265b9d96e38d790caa565b1db2cf11cb3c

  • SHA256

    1ab3704239d08651e5c066c14e9393dbd249082906876ad68026b26adecd8d76

  • SHA512

    1a15c34e8b412c68708e19380aa4ccadd4fe2ee4e3552925f9c473fa901df7c760726a16606f8e4caff2a1c2b4dfdaceb6dd8218821bf05c5b0eea7eddb16f36

  • SSDEEP

    1572864:o8VlkIW003Sk8IpG7V+VPhqK2SE7WCmlKUiY4MHHLeqPNLtDB61Z1RTla:oKWIESkB05awK2iCmMvMHVLtFyNT

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\homework.exe
    "C:\Users\Admin\AppData\Local\Temp\homework.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2728
    • C:\Users\Admin\AppData\Local\Temp\homework.exe
      "C:\Users\Admin\AppData\Local\Temp\homework.exe"
      2⤵
      • Loads dropped DLL
      PID:2948

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI27282\python310.dll
    Filesize

    1.4MB

    MD5

    6e67e0b36c6e52fb4b214e7e5264bbf9

    SHA1

    aa2c8f7b4eb6c69625ebdb96ded02f3a0bc0cebf

    SHA256

    2b3951431cb327ee780c9f27e91a4df0911b6b2b59c81b43ba74438c8657c9b3

    SHA512

    daf00f9b439dae48781fa8848c6b04538012f22fcf24252b41647bed814e9139ccae4d66e4b3d220ea902d4aa40a177a5dbcef7b76776bde22d41d0ad8f630ad

    Download Submit

  • memory/2948-1266-0x000007FEF64E0000-0x000007FEF6946000-memory.dmp

    Filesize

    4.4MB

    Download