52c01c7aeee30b32a84169a67aaf209252acd27d115cbc69330f5097da3778fc

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
27-12-2024 18:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

reakcja.exe
Size

39.9MB
MD5

be5a895b5dba9fff017cccd58c09f664
SHA1

d607399d5214be29a0c1219fa38c3465bd763ef7
SHA256

52c01c7aeee30b32a84169a67aaf209252acd27d115cbc69330f5097da3778fc
SHA512

ba3813c62a6699e71a3f78a546c23297aff39590ea7881f297cd065dd6a671f294ac4ddce46e548b25226a18443742f4ec357f7db616058964794617f4bf364d
SSDEEP

786432:SddQtsRPJBqdUUTLJHddQiLP2j6+s7LWB75zupiPJVEEe3MGYdycP1iXDlUC:kdQt6P/RUTdHdpP2qHWB75ioPkE8MGAE

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 7 IoCs

pid	Process
1996	reakcja.exe
1996	reakcja.exe
1996	reakcja.exe
1996	reakcja.exe
1996	reakcja.exe
1996	reakcja.exe
1996	reakcja.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2092 wrote to memory of 1996	2092	reakcja.exe	31
PID 2092 wrote to memory of 1996	2092	reakcja.exe	31
PID 2092 wrote to memory of 1996	2092	reakcja.exe	31

C:\Users\Admin\AppData\Local\Temp\reakcja.exe
"C:\Users\Admin\AppData\Local\Temp\reakcja.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2092
- C:\Users\Admin\AppData\Local\Temp\reakcja.exe
  "C:\Users\Admin\AppData\Local\Temp\reakcja.exe"
  2⤵
  - Loads dropped DLL
  PID:1996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\_MEI20922\python311.dll

Filesize
5.5MB

MD5
9a24c8c35e4ac4b1597124c1dcbebe0f

SHA1
f59782a4923a30118b97e01a7f8db69b92d8382a

SHA256
a0cf640e756875c25c12b4a38ba5f2772e8e512036e2ac59eb8567bf05ffbfb7

SHA512
9d9336bf1f0d3bc9ce4a636a5f4e52c5f9487f51f00614fc4a34854a315ce7ea8be328153812dbd67c45c75001818fa63317eba15a6c9a024fa9f2cab163165b

Download Submit
C:\Users\Admin\AppData\Local\Temp\_MEI20922\ucrtbase.dll

Filesize
1.1MB

MD5
b0397bb83c9d579224e464eebf40a090

SHA1
81efdfe57225dfe581aafb930347535f08f2f4ce

SHA256
d2ebd8719455ae4634d00fd0d0eb0c3ad75054fee4ff545346a1524e5d7e3a66

SHA512
e72a4378ed93cfb3da60d69af8103a0dcb9a69a86ee42f004db29771b00a606fbc9cbc37f3daa155d1d5fe85f82c87ca9898a39c7274462fcf5c4420f0581ab3

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI20922\api-ms-win-core-file-l1-2-0.dll

Filesize
20KB

MD5
b59d773b0848785a76baba82d3f775fa

SHA1
1b8dcd7f0e2ab0ba9ba302aa4e9c4bfa8da74a82

SHA256
0dc1f695befddb8ee52a308801410f2f1d115fc70668131075c2dbcfa0b6f9a0

SHA512
cbd52ed8a7471187d74367aa03bf097d9eac3e0d6dc64baf835744a09da0b050537ea6092dcb8b1e0365427e7f27315be2145c6f853ef936755ad07ef17d4a26

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI20922\api-ms-win-core-file-l2-1-0.dll

Filesize
20KB

MD5
4c9bf992ae40c7460a029b1046a7fb5e

SHA1
79e13947af1d603c964cce3b225306cadff4058b

SHA256
18655793b4d489f769327e3c8710aced6b763c7873b6a8dc5ae6f28d228647f4

SHA512
c36d455ac79a73758f6090977c204764a88e929e8eaa7ce27a9c9920451c014e84ae98beb447e8345a8fa186b8c668b076c0ed27047a0e23ad2eeaf2cbc3a8d8

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI20922\api-ms-win-core-localization-l1-2-0.dll

Filesize
20KB

MD5
9d8e7a90dd0d54b7ccde435b977ee46d

SHA1
15cd12089c63f4147648856b16193cf014e6764f

SHA256
dc570708327c4c8419d4cced2a162d7ca112a168301134dd1fb5e2040eee45b6

SHA512
339fe195602355bce26a2526613a212271e7f8c7518d591b9e3c795c154d93b29b8c524b2c3678c799d0ea0101eabea918564e49def0b915af0619e975f1c34b

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI20922\api-ms-win-core-processthreads-l1-1-1.dll

Filesize
20KB

MD5
d399c926466f044f183faa723ba59120

SHA1
a9534b4910888d70eefba6fcc3376f2549cb4a05

SHA256
19b018be16afe143fb107ef1dd5b8e6c6cb45966806eb3d31ec09ff0dc2b70d1

SHA512
fc55f4cfe7c6c63e0720971d920c5c6ead4db74a671f7bb8dc830aa87cb54459a62e974456875bdfda449d82a0acb368e3b6c2cc20c32b1b407e8de7cc532057

Download Submit
\Users\Admin\AppData\Local\Temp\_MEI20922\api-ms-win-core-timezone-l1-1-0.dll

Filesize
20KB

MD5
ea5f768b9a1664884ae4ae62cec90678

SHA1
ae08e80431da7f4e8f1e5457c255cc360ef1cac0

SHA256
24f4530debf2161e0d0256f923b836aeccc3278a6ff2c9400e415600276b5a6d

SHA512
411db31e994ebbc69971972e45d6e51186d8f8790e8c67660b6a846e48a5a5c53a113916a5a15d14c33d8c88037d7f252135e699cb526c4bb3b5abd2e2dfee7c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads