Overview

overview

10

Static

static

3

cca0b8ac2b...af.exe

windows7-x64

7

cca0b8ac2b...af.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    27-11-2024 19:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cca0b8ac2bdc6e900888b1970b2aa05d3b987bda8c4be17f01c0fa69eb3b7baf.exe

  • Size

    12.8MB

  • MD5

    af07c2cf51596a75173523156e27297f

  • SHA1

    9f205a5a6e4ce65d3d313b1f5c160412fa04d58e

  • SHA256

    cca0b8ac2bdc6e900888b1970b2aa05d3b987bda8c4be17f01c0fa69eb3b7baf

  • SHA512

    1bf467eb605f8dcdca18c5aec8402a7184b806737465fe2d1b2413d01cacccec8cee3a51e8523396d332dbacf1ce5b4b3aaa92f4475c9cd781bba6b9ad89bf08

  • SSDEEP

    393216:UJdkewtByxjBIn8iK1piXLGVEgMoEODXXs5kYHZsbAo:U+tAjhDiXHjoRLAsbAo

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cca0b8ac2bdc6e900888b1970b2aa05d3b987bda8c4be17f01c0fa69eb3b7baf.exe
    "C:\Users\Admin\AppData\Local\Temp\cca0b8ac2bdc6e900888b1970b2aa05d3b987bda8c4be17f01c0fa69eb3b7baf.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2092
    • C:\Users\Admin\AppData\Local\Temp\cca0b8ac2bdc6e900888b1970b2aa05d3b987bda8c4be17f01c0fa69eb3b7baf.exe
      "C:\Users\Admin\AppData\Local\Temp\cca0b8ac2bdc6e900888b1970b2aa05d3b987bda8c4be17f01c0fa69eb3b7baf.exe"
      2⤵
      • Loads dropped DLL
      PID:2372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI20922\python313.dll
    Filesize

    1.8MB

    MD5

    d99ac8bac1343105b642295397ca2ffc

    SHA1

    93fd73c1fb9ee99ddc66d38885a657cf81f62836

    SHA256

    9116e56cedeb1c4ae82b4bde560f2fe0b83a16764865012cbf5501673d3c5536

    SHA512

    89d30bc84978daf469008ffc347cbd3e189f1df2c1a302dedfc2b700267cc28c671c7c35b5e95ba29a300e7fda75ccfc720d2173ea6db6eb69978772c0b8339f

    Download Submit

  • memory/2372-63-0x000007FEF62E0000-0x000007FEF6943000-memory.dmp

    Filesize

    6.4MB

    Download