Analysis
-
max time kernel
15s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
-
submitted
04-07-2024 08:27
General
-
Target
RadScript-LMT.exe
-
Size
19.1MB
-
MD5
25cfe3f6f6b47138bfa5355390c6ffa8
-
SHA1
cdd13d7c9357617c0ee33fffc808e6d8fc0b36e5
-
SHA256
3861d7fe3442f5655f97538efeb8e275e0b4f5073d278ebd6ed0c1402f664f63
-
SHA512
a83056c0564bbedb5d99d7cee67f5f192170505c67dc73f87b1621b742b40b7487c831d6cae9ff1fd6b68ebf782770abf36a652f1e51bfc39c3b38c9739a740d
-
SSDEEP
393216:kqPnLFXlrFWmQ6DOETgsvfGFNgw91rvO4Enz8BHxT7m:FPLFXNFRQrEYvqL8BHA
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\RadScript-LMT.exe"C:\Users\Admin\AppData\Local\Temp\RadScript-LMT.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\RadScript-LMT.exe"C:\Users\Admin\AppData\Local\Temp\RadScript-LMT.exe"2⤵
- Loads dropped DLL
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\_MEI21082\python310.dllFilesize
1.4MB
MD569d4f13fbaeee9b551c2d9a4a94d4458
SHA169540d8dfc0ee299a7ff6585018c7db0662aa629
SHA256801317463bd116e603878c7c106093ba7db2bece11e691793e93065223fc7046
SHA5128e632f141daf44bc470f8ee677c6f0fdcbcacbfce1472d928576bf7b9f91d6b76639d18e386d5e1c97e538a8fe19dd2d22ea47ae1acf138a0925e3c6dd156378
-
memory/1952-123-0x000007FEF60C0000-0x000007FEF652E000-memory.dmpFilesize
4.4MB