Analysis
- max time kernel: 118s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
- submitted: 30-06-2024 18:15
Behavioral task: behavioral1
- Sample: SOSA.exe
- Resource: win7-20240508-en
Behavioral task: behavioral2
- Sample: SOSA.exe
- Resource: win10v2004-20240611-en
General
- Target: SOSA.exe
- Size: 6.4MB
Malware Config
Signatures
- Loads dropped DLL (1 IoCs)
Processes: SOSA.exe
| pid | process |
| --- | --- |
| 2140 | SOSA.exe |
- Suspicious use of WriteProcessMemory (3 IoCs)
Processes: SOSA.exe
| description | pid | process | target process |
| --- | --- | --- | --- |
| PID 1740 wrote to memory of 2140 | 1740 | SOSA.exe | SOSA.exe |
| PID 1740 wrote to memory of 2140 | 1740 | SOSA.exe | SOSA.exe |
| PID 1740 wrote to memory of 2140 | 1740 | SOSA.exe | SOSA.exe |
Downloads
- C:\Users\Admin\AppData\Local\Temp\_MEI17402\python311.dll
Filesize: 5.5MB