Overview

overview

10

Static

static

10

da5f0322d3...24.exe

windows7-x64

7

da5f0322d3...24.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2025 03:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    da5f0322d31a05d525ee8b37a748670be35647c692a85fdb8997742f5fed3524.exe

  • Size

    6.9MB

  • MD5

    dd7004fc866d6f2872e0771b24d8d206

  • SHA1

    adc25bdc1d43c2fe970870f3f1152029056591f2

  • SHA256

    da5f0322d31a05d525ee8b37a748670be35647c692a85fdb8997742f5fed3524

  • SHA512

    bb64b65790b28cbf78723e49ff21ecfe6d081f41ccccbdc2df1d3ebbd52c05f3e623c49d45820307bd1218bd8412a5ef574870f28e22898f7dfbbdfa72e69dee

  • SSDEEP

    98304:Hr7YzdbM+Q2y+RvK/+6jOjFgFQlwq4Mjk+dBZtu9xTtwz/aer6/BbLqledV1BqDS:Hr7e/vQOjmFQR4MVGFtwLPNledV1YnO

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\da5f0322d31a05d525ee8b37a748670be35647c692a85fdb8997742f5fed3524.exe
    "C:\Users\Admin\AppData\Local\Temp\da5f0322d31a05d525ee8b37a748670be35647c692a85fdb8997742f5fed3524.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1196
    • C:\Users\Admin\AppData\Local\Temp\da5f0322d31a05d525ee8b37a748670be35647c692a85fdb8997742f5fed3524.exe
      "C:\Users\Admin\AppData\Local\Temp\da5f0322d31a05d525ee8b37a748670be35647c692a85fdb8997742f5fed3524.exe"
      2⤵
      • Loads dropped DLL
      PID:2316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI11962\python311.dll
    Filesize

    1.6MB

    MD5

    9e985651962ccbccdf5220f6617b444f

    SHA1

    9238853fe1cff8a49c2c801644d6aa57ed1fe4d2

    SHA256

    3373ee171db8898c83711ec5067895426421c44f1be29af96efe00c48555472e

    SHA512

    8b8e68bbe71dcd928dbe380fe1a839538e7b8747733ba2fd3d421ba8d280a11ba111b7e8322c14214d5986af9c52ab0c75288bbb2a8b55612fb45836c56ddc36

    Download Submit

  • memory/2316-23-0x000007FEF5230000-0x000007FEF5819000-memory.dmp

    Filesize

    5.9MB

    Download