8b3d9acb2888159636734c5bd90e1b6137057a74fb1ca7569be3556d5b141dd1

Analysis

max time kernel
839s
max time network
842s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
03-11-2024 15:59

Target

enjoy/enjoy/panel FF/Panel FF.exe
Size

17.9MB
MD5

b257c69da732683404c5306fccd089ac
SHA1

060a0049472f2af7a646494e57d38eb2678ee2d9
SHA256

799297010ab1f194fa1c0870f23970cd6dae5ce5ff85f8cbf541f8de43605be3
SHA512

aae6abe0ef763d8062d24419f51783415a8619d8d274d6620f8a71f2eaa1c147e62a432bad3c4d45409f8f7f05c690bfb0e1e7bcfa1b14cfacba868db800caa1
SSDEEP

393216:oqPnLFXlrzQMDOETgsvfGugyA0Av/zOEQ49Aa/2tpLL2d:ZPLFXNzQREjXA0AvYaAy2tEd

Score

7^/10

upx

Loads dropped DLL 1 IoCs

pid	Process
2608	Panel FF.exe

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/files/0x000500000001c882-112.dat	upx

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2336 wrote to memory of 2608	2336	Panel FF.exe	30
PID 2336 wrote to memory of 2608	2336	Panel FF.exe	30
PID 2336 wrote to memory of 2608	2336	Panel FF.exe	30

C:\Users\Admin\AppData\Local\Temp\enjoy\enjoy\panel FF\Panel FF.exe
"C:\Users\Admin\AppData\Local\Temp\enjoy\enjoy\panel FF\Panel FF.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2336
- C:\Users\Admin\AppData\Local\Temp\enjoy\enjoy\panel FF\Panel FF.exe
  "C:\Users\Admin\AppData\Local\Temp\enjoy\enjoy\panel FF\Panel FF.exe"
  2⤵
  - Loads dropped DLL
  PID:2608

C:\Users\Admin\AppData\Local\Temp\_MEI23362\python310.dll

Filesize
1.4MB

MD5
69d4f13fbaeee9b551c2d9a4a94d4458

SHA1
69540d8dfc0ee299a7ff6585018c7db0662aa629

SHA256
801317463bd116e603878c7c106093ba7db2bece11e691793e93065223fc7046

SHA512
8e632f141daf44bc470f8ee677c6f0fdcbcacbfce1472d928576bf7b9f91d6b76639d18e386d5e1c97e538a8fe19dd2d22ea47ae1acf138a0925e3c6dd156378

Download Submit
memory/2608-114-0x000007FEF6600000-0x000007FEF6A6E000-memory.dmp

Filesize
4.4MB

Download