Overview

overview

10

Static

static

10

Setup.exe

windows7-x64

7

Setup.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    12-11-2024 17:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Setup.exe

  • Size

    80.0MB

  • MD5

    fd2819916f72c31cfe90bf0a4813b675

  • SHA1

    e425bfe12015c2680583dd7d6741e9c8ffa832d0

  • SHA256

    cee68a6283a15f03da36387a828e21d1e0c2118362e16aa0a4434a4d8ae173d5

  • SHA512

    7294f27066bc52a82f40e4c15da5b24497de8c3b16f44e1b2170659f6658483aa395f91d2899aa923900fe2e9f0fec9742007be64c0459a19cbab69058f77850

  • SSDEEP

    1572864:LGKlEWpO0hSk8IpG7V+VPhqYdf3xTivfSl6li0T5TPxfTcrb5try0mDXo4V:SKewbSkB05awcf3xen+6wKy5tryXXo0

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\Setup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1728
    • C:\Users\Admin\AppData\Local\Temp\Setup.exe
      "C:\Users\Admin\AppData\Local\Temp\Setup.exe"
      2⤵
      • Loads dropped DLL
      PID:2004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI17282\python311.dll
    Filesize

    1.6MB

    MD5

    548809b87186356c7ac6421562015915

    SHA1

    8fa683eed7f916302c2eb1a548c12118bea414fa

    SHA256

    6c65da37cf6464507ad9d187a34f5b5d61544b83d831547642d17c01852599a1

    SHA512

    c0b63bf9908e23457cf6c2551219c7951bc1a164f3a585cde750b244fa628753ee43fde35f2aa76223fd9f90cf5ea582241ab510f7373a247eae0b26817198fc

    Download Submit

  • memory/2004-1259-0x000007FEF63C0000-0x000007FEF69B2000-memory.dmp

    Filesize

    5.9MB

    Download