Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
  • submitted
    27-12-2024 20:28

General

  • Target

    cracked vixen public.exe

  • Size

    9.3MB

  • MD5

    74c99cf85dc1aae39f394292577fe2b9

  • SHA1

    9bb343e7505cbeca972215447981be6fb1f7be6f

  • SHA256

    b20c992d51e473212fe16dec2b5f865dceadc85194e6539065923e04e5b381ca

  • SHA512

    8f136022f8a814f6900ff23e2f41547514df72fef576628b8cd8a3b0338537013e25c9219c9e255cb0dad182239db54b72a6ac5cc51059af4c73399abe2f7597

  • SSDEEP

    196608:p1LtmL/PHdzymvNm1E8giq1g9K5RHvUWvogWOxu9kXwvdbD903N/nbHCd9:Dt8/vYm1m1NqV5RHdBbAlbJ03tT2

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cracked vixen public.exe
    "C:\Users\Admin\AppData\Local\Temp\cracked vixen public.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2296
    • C:\Users\Admin\AppData\Local\Temp\cracked vixen public.exe
      "C:\Users\Admin\AppData\Local\Temp\cracked vixen public.exe"
      2⤵
      • Loads dropped DLL
      PID:2912

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22962\python310.dll

    Filesize

    1.4MB

    MD5

    018dfe78afe5062c01dffbe60545f7e5

    SHA1

    e5659111f6fd30c8b1140cbb1b5b094003d96793

    SHA256

    639283586b67d53b98858ff3a238248299b86a95171015ce6f96cc2ccf8209ca

    SHA512

    168e9b9b31a0e4c291616b90e2c0ef836e8f07a1d776c48621979d4ef6b8cd7ece52fd2d920b44821a48055c5d89bd2ff4286d23f0c9c0c996a89d6c51b3055a

  • memory/2912-48-0x000007FEF5750000-0x000007FEF5BBA000-memory.dmp

    Filesize

    4.4MB