ef47e1e2bafcd60e0d7cd52ead4758c3f25146b9098b2abb03e0276ab403af43

Analysis

max time kernel
121s
max time network
121s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
21-12-2024 18:22

Target

TotallyNotAimmyV3.exe
Size

6.9MB
MD5

92f4c5f91c765fbe48a22d370b59385f
SHA1

9ad58a29b270d9a1644657efdfa6e9da0ced7395
SHA256

ef47e1e2bafcd60e0d7cd52ead4758c3f25146b9098b2abb03e0276ab403af43
SHA512

b363b7352683ae3b4f2e2db87cb9f9f21a21f128a2265841e1b3520344a34cf54bcb6a94f32bc0a006f2a502ac117edf01265a0453dec1f720cafd8e0d53e932
SSDEEP

98304:snAkwN+MdA5wqSnWNrrd8MMhJMjarJaon7JPzf+JiUCS3swhzqgez7DovaDJ1n67:sAV1v/B6ylnlPzf+JiJCsmFMvln6hqgR

Score

7^/10

upx

Loads dropped DLL 1 IoCs

pid	Process
2164	TotallyNotAimmyV3.exe

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/files/0x00050000000193d4-22.dat	upx

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2492 wrote to memory of 2164	2492	TotallyNotAimmyV3.exe	30
PID 2492 wrote to memory of 2164	2492	TotallyNotAimmyV3.exe	30
PID 2492 wrote to memory of 2164	2492	TotallyNotAimmyV3.exe	30

C:\Users\Admin\AppData\Local\Temp\TotallyNotAimmyV3.exe
"C:\Users\Admin\AppData\Local\Temp\TotallyNotAimmyV3.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2492
- C:\Users\Admin\AppData\Local\Temp\TotallyNotAimmyV3.exe
  "C:\Users\Admin\AppData\Local\Temp\TotallyNotAimmyV3.exe"
  2⤵
  - Loads dropped DLL
  PID:2164

C:\Users\Admin\AppData\Local\Temp\_MEI24922\python311.dll

Filesize
1.6MB

MD5
1e76961ca11f929e4213fca8272d0194

SHA1
e52763b7ba970c3b14554065f8c2404112f53596

SHA256
8a0c27f9e5b2efd54e41d7e7067d7cb1c6d23bae5229f6d750f89568566227b0

SHA512
ec6ed913e0142a98cd7f6adced5671334ec6545e583284ae10627162b199e55867d7cf28efeaadce9862c978b01c234a850288e529d2d3e2ac7dbbb99c6cde9b

Download Submit
memory/2164-24-0x000007FEF5900000-0x000007FEF5EEA000-memory.dmp

Filesize
5.9MB

Download