Analysis
max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted
01-07-2024 09:26
Behavioral task
behavioral1
Sample
IROX.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
IROX.exe
Resource
win10v2004-20240508-en
General
Target
IROX.exe
Size
11.9MB
MD5
1b939044c83d581d9315af108e3850b7
SHA1
0f48d47102bbab243787179f744bcf9e9a6956f1
SHA256
907667d4817b5d6d14c6dcf985846d694f15ff0c2ce222706724917b2a9a61e3
SHA512
ad2f67f22657db6f3d037d29e2d116dfd9e98da060be85be61ccce22a0639792267ebf0c0fd810fde689729362a5da2545eab73a17999cc964b759cab9fa538c
SSDEEP
196608:+K2QY2an1SULDfyGlW21X5Sp6GemDMPwYWtvwYlB9X0/bClL171s7aLkzQPhBy1:hY2afLDfDllpfaMPiF9EMJ+7aYsy1
Malware Config
Signatures
Loads dropped DLL (1 IoCs)
Processes: IROX.exe
pid | process
2544 | IROX.exe
Suspicious use of WriteProcessMemory (3 IoCs)
Processes: IROX.exe
description | pid | process | target process
PID 2736 wrote to memory of 2544 | 2736 | IROX.exe | IROX.exe
PID 2736 wrote to memory of 2544 | 2736 | IROX.exe | IROX.exe
PID 2736 wrote to memory of 2544 | 2736 | IROX.exe | IROX.exe
Downloads
C:\Users\Admin\AppData\Local\Temp\_MEI27362\python311.dll
Filesize
5.5MB
MD5
e2bd5ae53427f193b42d64b8e9bf1943
SHA1
7c317aad8e2b24c08d3b8b3fba16dd537411727f
SHA256
c4844b05e3a936b130adedb854d3c04d49ee54edb43e9d36f8c4ae94ccb78400
SHA512
ae23a6707e539c619fd5c5b4fc6e4734edc91f89ebe024d25ff2a70168da6105ac0bd47cf6bf3715af6411963caf0acbb4632464e1619ca6361abf53adfe7036