Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
-
submitted
04-07-2024 21:49
General
-
Target
source_prepared.exe
-
Size
76.7MB
-
MD5
a81fca6de5462d0ffb70eb6f7d963d83
-
SHA1
a4f153c02a967d8ed2dea3facfe8929908fef0ad
-
SHA256
e9bf19c453137ac594f19fc208cd25db49831c63f40d5818a3f01f451cbe6a14
-
SHA512
428fe696a1f9379be38806f070aabd4010121cfaf845492cc190070bea74be33304fda7d76a49dc727fe16d04fc38ab5709077f37c01d9065fda22e768c2fd61
-
SSDEEP
1572864:kvHcRl9WSk8IpG7V+VPhqb+TTE73lHt7fETiYweyJulZUdg1I6MWhfBcmDta9:kvHcRySkB05awb+TMdeMpuJvMg1ta9
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"2⤵
- Loads dropped DLL
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\_MEI18002\python312.dllFilesize
1.7MB
MD5f23aa992b8e0a301ec8f473d6b784f4b
SHA1ee73a5da238341cb21a781a3ddcb187d1f971680
SHA2560ddfba7779ebc44f2fa819a78b54bc730a5543274986e973beee024fab0ecfc6
SHA512028abb66298fee6173d34f80940f5bdd3988a8373234f32a780ae93e155d90af191d85164077d9b76dc3651bda4d9902ccbfd03d37be3e9662006b65c3defb35
-
memory/2612-1254-0x000007FEF5AE0000-0x000007FEF61B0000-memory.dmpFilesize
6.8MB