c58ae92e7e0f601e20255e3827ec2460fe63d940a38665937bc0b8300947b4fc

Analysis

max time kernel
121s
max time network
123s
platform
windows7_x64
resource
win7-20241023-en
resource tags

arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
submitted
22-01-2025 20:02

Target

Built.exe
Size

5.9MB
MD5

732bd39243a17a3f9171f018efffb376
SHA1

0cbb03427a453203b7fd3994cee583b3aca000b0
SHA256

c58ae92e7e0f601e20255e3827ec2460fe63d940a38665937bc0b8300947b4fc
SHA512

e191ce6fd47c4df376feec2db6bfdd637ca8e6262ef8ecd31566288f522e67649e4968e14b9051ebd15c35abd54d214c1954ebca043d2344e2437942e4795be9
SSDEEP

98304:4KfrAEH3uYDUki65sn6Wfz7pnxCb3AtZC0VZHtKpbzL8SG2XATHsJcskH4nPjZR/:4WrAEXuYDUCDOYbwtZVZibPpG2QrsJca

Score

7^/10

upx

Loads dropped DLL 1 IoCs

pid	Process
2260	Built.exe

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/files/0x0005000000018704-21.dat	upx

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2260	Built.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1556 wrote to memory of 2260	1556	Built.exe	30
PID 1556 wrote to memory of 2260	1556	Built.exe	30
PID 1556 wrote to memory of 2260	1556	Built.exe	30

C:\Users\Admin\AppData\Local\Temp\Built.exe
"C:\Users\Admin\AppData\Local\Temp\Built.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1556
- C:\Users\Admin\AppData\Local\Temp\Built.exe
  "C:\Users\Admin\AppData\Local\Temp\Built.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious behavior: GetForegroundWindowSpam
  PID:2260

C:\Users\Admin\AppData\Local\Temp\_MEI15562\python310.dll

Filesize
1.4MB

MD5
76cb307e13fbbfb9e466458300da9052

SHA1
577f0029ac8c2dd64d6602917b7a26bcc2b27d2b

SHA256
95066c06d9ed165f0b6f34079ed917df1111bd681991f96952d9ee35d37dc615

SHA512
f15b17215057433d88f1a8e05c723a480b4f8bc56d42185c67bb29a192f435f54345aa0f6d827bd291e53c46a950f2e01151c28b084b7478044bd44009eced8f

Download Submit
memory/2260-23-0x000007FEF5E60000-0x000007FEF62CE000-memory.dmp

Filesize
4.4MB

Download
memory/2260-24-0x000007FEF5E60000-0x000007FEF62CE000-memory.dmp

Filesize
4.4MB

Download