Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    18-12-2024 23:23

General

  • Target

    Built.exe

  • Size

    100.0MB

  • MD5

    104eb0741652d7f2a4a1166cb37dce46

  • SHA1

    eff0c864f476c97df93710ac508ec2289cf32a36

  • SHA256

    6d4cdd3322df1065d54364dead5a1b6f5d65fea1e7cd2ae5fac4de2877a2a2f3

  • SHA512

    85c2c0d6955ee210c38b744bfaadab7034d3b2ced6409e5b4384341679fe44a93b313ddc896aca1eb42fc0c1971175f7d73ab340e3ba794f72253734b2394129

  • SSDEEP

    196608:ikhhOZq5urErvI9pWjg/Qc+4o673pNrabenyzWtPMYnNcsZ:byeurEUWjZZ4dDLIeyzWtPTNzZ

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Built.exe
    "C:\Users\Admin\AppData\Local\Temp\Built.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2092
    • C:\Users\Admin\AppData\Local\Temp\Built.exe
      "C:\Users\Admin\AppData\Local\Temp\Built.exe"
      2⤵
      • Loads dropped DLL
      PID:2784

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI20922\python312.dll

    Filesize

    1.7MB

    MD5

    eb02b8268d6ea28db0ea71bfe24b15d6

    SHA1

    86f723fcc4583d7d2bd59ca2749d4b3952cd65a5

    SHA256

    80222651a93099a906be55044024d32e93b841c83554359d6e605d50d11e2e70

    SHA512

    693bbc3c896ad3c6044c832597f946c778e6c6192def3d662803e330209ec1c68d8d33bd82978279ae66b264a892a366183dcef9a3a777e0a6ee450a928268e2

  • memory/2784-23-0x000007FEF6110000-0x000007FEF67D5000-memory.dmp

    Filesize

    6.8MB

  • memory/2784-44-0x000007FEF6110000-0x000007FEF67D5000-memory.dmp

    Filesize

    6.8MB
