Overview

overview

10

Static

static

10

source_prepared.exe

windows7-x64

7

source_prepared.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    14s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    31-12-2024 13:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    source_prepared.exe

  • Size

    75.1MB

  • MD5

    976291f94884c81ac960f2cc14c8e928

  • SHA1

    ee40881dedc8941026e28ced3139370607fc9eca

  • SHA256

    f1d5a873c18d634aa1c3d9646a021f357784dadcb1629f5d3bebf4ebac15a27f

  • SHA512

    c2e7013f760da5a91010c8e10983d36e74fcb737bd7aa42af245c66684d3e0c040923ba4ef731c71cc71f38e2069c23e3aacbc6c9614aa1cb45b4432a10d7e0f

  • SSDEEP

    1572864:M21lIO0USk8IpG7V+VPhqEsE71Hln1AiYKrhbOoAkCl6Xi0guQ8WgF:FW+SkB05awEbHlDrFoB6Xi0tQ8W

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\source_prepared.exe
    "C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2380
    • C:\Users\Admin\AppData\Local\Temp\source_prepared.exe
      "C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"
      2⤵
      • Loads dropped DLL
      PID:1632

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI23802\python39.dll
    Filesize

    1.4MB

    MD5

    1661de9dc158325038ea32685a182107

    SHA1

    31a5b206059bfbdd333a43e800cb466f5e5a4d1a

    SHA256

    21396ce6f622f16d6cba3d8ac1f469654fa49d9edd57d407919012fe26b03a0c

    SHA512

    d8c50191f5adbca5b5d2693b13453765d0130ebcef6f4525865b2f7b93863134592aa3c0c91f92c7d5edb3d8ddf5a190ec76417717250035bcd66aeb11510656

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI23802\setuptools-49.2.1.dist-info\INSTALLER
    Filesize

    4B

    MD5

    365c9bfeb7d89244f2ce01c1de44cb85

    SHA1

    d7a03141d5d6b1e88b6b59ef08b6681df212c599

    SHA256

    ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508

    SHA512

    d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1

    Download Submit

  • memory/1632-1273-0x000007FEF6880000-0x000007FEF6D01000-memory.dmp

    Filesize

    4.5MB

    Download