Overview

overview

10

Static

static

10

Baguettetools.exe

windows7-x64

7

Baguettetools.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    02-12-2024 04:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Baguettetools.exe

  • Size

    83.9MB

  • MD5

    97b5214b858cc3ae3e65c0142f8b4cf8

  • SHA1

    8d87e3804fd95c370b663afc5bf3e1fad8c48bd3

  • SHA256

    77aeb68357c25d368dde1bbd7b17fae099c6a44bce15b7010de3e98f0dcb813b

  • SHA512

    3bb36cf8115cabb9bb5f2898425f852e56d9f7a563a835ef60bff45176d0ab3a9092f50b689124248d4ac464da0c31049e09a3e465079a4b9c194a767b781467

  • SSDEEP

    1572864:mvhlTybmP71O4zTLQBNkKTPa4z0Z7TUjsh5BAcLs3Vwpgx5+P7fEbIn:mZlTybhq0TkKTbzafJW3VwpU+IbI

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Baguettetools.exe
    "C:\Users\Admin\AppData\Local\Temp\Baguettetools.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1800
    • C:\Users\Admin\AppData\Local\Temp\Baguettetools.exe
      "C:\Users\Admin\AppData\Local\Temp\Baguettetools.exe"
      2⤵
      • Loads dropped DLL
      PID:2772

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI18002\python312.dll
    Filesize

    1.7MB

    MD5

    86d9b8b15b0340d6ec235e980c05c3be

    SHA1

    a03bdd45215a0381dcb3b22408dbc1f564661c73

    SHA256

    12dbbcd67015d6cdb680752184107b7deb84e906b0e8e860385f85d33858a5f6

    SHA512

    d360cc3f00d90fd04cbba09d879e2826968df0c1fdc44890c60b8450fe028c3e767450c3543c62d4f284fb7e004a9a33c52538c2279221ee6cbdb1a9485f88b2

    Download Submit

  • memory/2772-24-0x000007FEF5B90000-0x000007FEF6260000-memory.dmp

    Filesize

    6.8MB

    Download