Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    20-12-2024 13:37

General

  • Target

    senex-paid-UPDATED.exe

  • Size

    9.5MB

  • MD5

    6ecfc5d42916d5b53d00b9e148436bc3

  • SHA1

    f85dbed39900cef8125e946fd4a51da2efe7be04

  • SHA256

    c12d6ec3eb6e1967751332d8f19fd63f9115c39152497a61582323a067773d6a

  • SHA512

    8ee1711cab24013fb8064287b005ff2cd51cfac9585e86295b989d4bb3265fb77d272f8f23327e53dd2356ac32601f32fa7e56a1df0b8efa22f414e697453f58

  • SSDEEP

    196608:cArNeCxfbaX8iiis4hTJURfdeN0YFJMIDJ+gsAGKpRz6QOm5n82ygTdF:HJ7zaXZscJ6fGnFqy+gsizF1r

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\senex-paid-UPDATED.exe
    "C:\Users\Admin\AppData\Local\Temp\senex-paid-UPDATED.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:548
    • C:\Users\Admin\AppData\Local\Temp\senex-paid-UPDATED.exe
      "C:\Users\Admin\AppData\Local\Temp\senex-paid-UPDATED.exe"
      2⤵
      • Loads dropped DLL
      PID:2800

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI5482\python310.dll

    Filesize

    1.4MB

    MD5

    196deb9a74e6e9e242f04008ea80f7d3

    SHA1

    a54373ebad306f3e6f585bcdf1544fbdcf9c0386

    SHA256

    20b004bfe69166c4961fee93163e795746df39fb31dc67399c0fde57f551eb75

    SHA512

    8c226d3ef21f3ddeee14a098c60ef030fa78590e9505d015ce63ea5e5bbcea2e105ff818e94653df1bddc9ba6ed3b376a1dff5c19266b623fa22cd75ac263b68

  • memory/2800-48-0x000007FEF62A0000-0x000007FEF670E000-memory.dmp

    Filesize

    4.4MB
