Analysis
-
max time kernel
16s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
09-02-2025 19:20
General
-
Target
source_prepared.exe
-
Size
83.1MB
-
MD5
814dc1bea8267c6ae801342770484b0f
-
SHA1
677b96f1d6b95d7ce8043f22e1fa17a07c0f5729
-
SHA256
54688d6636962043c25c84278eddc01863a5a2d43a57e00e1b33d519ad2924c6
-
SHA512
1821be5eb0d44b90ae899fadf3f1243573a396b986a5495b183ca2fe7b1523dc7eeaaf6c94f1756b42fd5204e8453c5db6ae6232877d05d796c98b57a6b75c1b
-
SSDEEP
1572864:xVjlVWU6eFm7OkiqOv8im2ARxE71lhpBB8iYweyJulZUdgP7mNhDzcv7ZH1O3:jb0eFm7OknOv8i3KGLpnNpur7ihnOrO3
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.7MB
MD571070618402c15a2fad5ca70c9ef7297
SHA134fedbf17a57010c5cd20ef4e690616859cc8e68
SHA2567d35a191edb95ccd85ef05d645deeca3ed1febd9acd659569fab56ae06c1ebdf
SHA51281ef8749f5c3dbd586ddbbcf26cd6c80607a5cc9c26e31c912f454ca56013082174e2012a507739ec1e9c5a2f019bf0ca6bd3ce18880abdbff0ba5f8f3cbbf28
-
Filesize
6.8MB