Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2024 20:21

General

  • Target

    stub.exe

  • Size

    7.7MB

  • MD5

    b8cb92022d2d0b589122f836c598b8ae

  • SHA1

    a17d242ff6a6ff013d4720d32c6187c71958055a

  • SHA256

    b526c8e7793e049c4a197f57292cc81273f1a8e4bd31e658cc2bbd32520a08f5

  • SHA512

    a0a83eba14a01073cbbee9c3e8712dfb656f44217d73513b4175c17fede8dc0cf4308d85d45e4bbc60ea871415fa0689d58212280644e41776800c9a70b3e5ab

  • SSDEEP

    98304:pmvcHCIfhvpjkMD/x/0feyGgatjLDQ940BDlgwdnpka9R/k9t+2YrzUGt+RuB8lg:p4OpjlDfyGg0DwBdnpkYRM+8RuM9

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\stub.exe
    "C:\Users\Admin\AppData\Local\Temp\stub.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1812
    • C:\Users\Admin\AppData\Local\Temp\stub.exe
      "C:\Users\Admin\AppData\Local\Temp\stub.exe"
      2⤵
      • Loads dropped DLL
      PID:2712

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI18122\python310.dll

    Filesize

    4.3MB

    MD5

    63a1fa9259a35eaeac04174cecb90048

    SHA1

    0dc0c91bcd6f69b80dcdd7e4020365dd7853885a

    SHA256

    14b06796f288bc6599e458fb23a944ab0c843e9868058f02a91d4606533505ed

    SHA512

    896caa053f48b1e4102e0f41a7d13d932a746eea69a894ae564ef5a84ef50890514deca6496e915aae40a500955220dbc1b1016fe0b8bcdde0ad81b2917dea8b