30ee1d5e1de95363127d894fb845037f730c810da7bed37d4c7f20a0602b5f03

Resubmissions

29-10-2024 20:25

241029-y7hvpayjbv 10

29-10-2024 13:35

241029-qvwl1sxjfp 10

29-10-2024 02:46

241029-c9ckss1lep 10

29-10-2024 02:31

241029-cz55cs1jgs 10

Analysis

max time kernel
4s
max time network
7s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
29-10-2024 20:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

OpenIfUDare.exe
Size

72.4MB
MD5

bf3976be4eee6b590572c4968366d2d4
SHA1

25b5c71487b71110fed30921144d1f1bc0e36a18
SHA256

30ee1d5e1de95363127d894fb845037f730c810da7bed37d4c7f20a0602b5f03
SHA512

e28625fdff70014e90121c75e5b7c92f63b2200acfd258ff7ac12e625413c4f332423b8c5211ae892c6e1ac2244a52eaf1721d9bb316b60d4764f548c113c9ca
SSDEEP

1572864:+9JxSm1Wh3hr7acirAH8+1osuTCSxOB6xMLiIpB2qHWB75ilQCmqZ8++yAmDSt:KzAr7RS6xjKcBa6/2qHO5iFpy++yz2

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 3 IoCs

pid	Process
2616	OpenIfUDare.exe
2616	OpenIfUDare.exe
2616	OpenIfUDare.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 1908 wrote to memory of 2616	1908	OpenIfUDare.exe	90
PID 1908 wrote to memory of 2616	1908	OpenIfUDare.exe	90

C:\Users\Admin\AppData\Local\Temp\OpenIfUDare.exe
"C:\Users\Admin\AppData\Local\Temp\OpenIfUDare.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1908
- C:\Users\Admin\AppData\Local\Temp\OpenIfUDare.exe
  "C:\Users\Admin\AppData\Local\Temp\OpenIfUDare.exe"
  2⤵
  - Loads dropped DLL
  PID:2616

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI19082\VCRUNTIME140.dll

Filesize
116KB

MD5
be8dbe2dc77ebe7f88f910c61aec691a

SHA1
a19f08bb2b1c1de5bb61daf9f2304531321e0e40

SHA256
4d292623516f65c80482081e62d5dadb759dc16e851de5db24c3cbb57b87db83

SHA512
0da644472b374f1da449a06623983d0477405b5229e386accadb154b43b8b083ee89f07c3f04d2c0c7501ead99ad95aecaa5873ff34c5eeb833285b598d5a655

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI19082\_ctypes.pyd

Filesize
121KB

MD5
565d011ce1cee4d48e722c7421300090

SHA1
9dc300e04e5e0075de4c0205be2e8aae2064ae19

SHA256
c148292328f0aab7863af82f54f613961e7cb95b7215f7a81cafaf45bd4c42b7

SHA512
5af370884b5f82903fd93b566791a22e5b0cded7f743e6524880ea0c41ee73037b71df0be9f07d3224c733b076bec3be756e7e77f9e7ed5c2dd9505f35b0e4f5

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI19082\_ctypes.pyd

Filesize
42KB

MD5
4bbf67427ad35f1eca3f4fdae84e035b

SHA1
0614f88688d647d00ff825648a8d38cf0103bf10

SHA256
f2c347a4bea27d94191a7f59003a6b1058326593cf20268e416e01037091f73b

SHA512
521936080a78a87bf0a4abedcd85f471cac610dfe4d7c418c9109a8e5e285ec3d9243fbb05573ebb54178ec004aa8781faa25f686068d294bd65c685ee9342be

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI19082\base_library.zip

Filesize
267KB

MD5
77eff0d6b1c09a15427b40a8b3b61d67

SHA1
d274a51ff8c783c753d4da42b972b18e9c0d472b

SHA256
41e17d28c012638a19005d06940513cffe19b11e222a42c5c0ec20e3fd1d0590

SHA512
423a8ee3721ff628b8633e7cdf038fd36195066013f4851f67a0d2f48bb962e4834410ab3a452e85f9e9cb7e4c285a5a4dc4286ac334c01e07f678556504556f

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI19082\python3.DLL

Filesize
65KB

MD5
7e07c63636a01df77cd31cfca9a5c745

SHA1
593765bc1729fdca66dd45bbb6ea9fcd882f42a6

SHA256
db84bc052cfb121fe4db36242ba5f1d2c031b600ef5d8d752cf25b7c02b6bac6

SHA512
8c538625be972481c495c7271398993cfe188e2f0a71d38fb51eb18b62467205fe3944def156d0ff09a145670af375d2fc974c6b18313fa275ce6b420decc729

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI19082\python3.dll

Filesize
42KB

MD5
32a9060f17134cf5967d3aa49acc74d5

SHA1
fdb17e82c643984257b7aeda8e423a95a99e4ba1

SHA256
0fd7d14dd284af4a3a9c485829ebf761252d31c4418102d96d35fad64a4c97d0

SHA512
b4527bbd5be25f148b4615f1b0d8f892cb10ea6930ad18c6252347083e2bc9f53b6929891a32f0926128006a454392626d723c06bab1786343d0dcfb56abb919

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI19082\python311.dll

Filesize
1.2MB

MD5
a26f566c181691d10665010b9c955aca

SHA1
5fcbafe6ad55f04e00110ded840a881f0b7b78ab

SHA256
ddcb650c068d594e96ea503c4b78c433f2f2b0e4db34ba6a1c1cb08aa72b0410

SHA512
41c7c3bb1968b4807c2847b622a99cd8289dbfa6e49678042280b09dc61d78ac8c2dff23687427ea20c7aa62d06c2f5f889185f5a08a18768853f04569ce2903

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI19082\python311.dll

Filesize
1.8MB

MD5
68c9e128115ec292c44bf8ca018cc2d7

SHA1
696606d9fde67560b56fb44c64d6f9ea9da215b2

SHA256
61893e15c907b172649b8f069efb1fcb1ffd57cec57e89bfe0ef3addc010c96c

SHA512
b9b628ee13d0574b14d5b69eb5195c0853b43190298d47524d3a673a3e5c58a58172254a683c0d2ea02b3a7bbfdb88b36a6c93232d636177f241a53246883936

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI19082\ucrtbase.dll

Filesize
992KB

MD5
0e0bac3d1dcc1833eae4e3e4cf83c4ef

SHA1
4189f4459c54e69c6d3155a82524bda7549a75a6

SHA256
8a91052ef261b5fbf3223ae9ce789af73dfe1e9b0ba5bdbc4d564870a24f2bae

SHA512
a45946e3971816f66dd7ea3788aacc384a9e95011500b458212dc104741315b85659e0d56a41570731d338bdf182141c093d3ced222c007038583ceb808e26fd

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads