Analysis
max time kernel: 117s
max time network: 121s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 19-11-2024 23:32
Behavioral task: behavioral1
Sample: build.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: build.exe
Resource: win10v2004-20241007-en
General
Target: build.exe
Size: 80.7MB
MD5: f8176b8ba45b99600d329406b8c892ef
SHA1: b28aed023639fb9155c1b326f3bfcc278730e76a
SHA256: 78d034e0ae926ef07622d3996b628f13b7132bbd8871c1988c38d4edb5c4ee93
SHA512: aa9df7375d5d1ba27e00a18a44723439cb6731b40bf171c10d5784d403207605a3ba22a3728c31d1bf750ebda0b17a7f49b38ba76fbb902ac863ef555fded74d
SSDEEP: 1572864:OGKlgWj60hSk8IpG7V+VPhqHJE7bbli08iYgj+h58sMw5D7Zcj:fKiQSkB05awHAw0259H
Malware Config
Signatures

Loads dropped DLL (1 IoCs)
  pid   Process
  1992  build.exe

  resource                                                                  yara_rule
  behavioral1/files/0x0003000000020abc-1264.dat                             upx
  behavioral1/memory/1992-1266-0x000007FEF63D0000-0x000007FEF69B8000-memory.dmp  upx

Suspicious use of WriteProcessMemory (3 IoCs)
  description                       pid   Process    procid_target
  PID 1728 wrote to memory of 1992  1728  build.exe  31
  PID 1728 wrote to memory of 1992  1728  build.exe  31
  PID 1728 wrote to memory of 1992  1728  build.exe  31
Processes
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 1.6MB
MD5: 87b5d21226d74f069b5ae8fb74743236
SHA1: 153651a542db095d0f9088a97351b90d02b307ac
SHA256: 3cac88119657daef7f79844aeb9da79b45c1f3bb2ea3468b0d4ed26067852194
SHA512: 788bb26b3f4ce99a2b49eef2742972fe843bdd97d361a6e67237f29376648ea6f874f1f6ba6dd53c74ef51a29e650a02fb99dfc30b5badfa9d2e05491f81d7d6