86bc475a8d476e5ad135780113a68239370fd53c49881b3cab5184b1e13ab1f1 | Triage

Analysis

max time kernel
12s
max time network
111s
platform
windows10_x64
resource
win10v20201028
submitted
01-03-2021 02:49

Sharing

Report Analysis Logs

General

Target

86bc475a8d476e5ad135780113a68239370fd53c49881b3cab5184b1e13ab1f1.exe
Size

5.6MB
MD5

a793302c6504f8ec41baf34bef9e44df
SHA1

4bc7229200b5671728396a129c4eb606b087111a
SHA256

86bc475a8d476e5ad135780113a68239370fd53c49881b3cab5184b1e13ab1f1
SHA512

9edee9fdbbbec88e8b045ab20447ffaaee602cb6f9bd0e029fa7bec519f30901d873f7905c849eff5b5896e93603f744a4ebe3530d0fc1ca013111abf96a7891

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

Processes:

86bc475a8d476e5ad135780113a68239370fd53c49881b3cab5184b1e13ab1f1.exe

pid process

4640 86bc475a8d476e5ad135780113a68239370fd53c49881b3cab5184b1e13ab1f1.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

86bc475a8d476e5ad135780113a68239370fd53c49881b3cab5184b1e13ab1f1.exe

pid	process
4640	86bc475a8d476e5ad135780113a68239370fd53c49881b3cab5184b1e13ab1f1.exe
4640	86bc475a8d476e5ad135780113a68239370fd53c49881b3cab5184b1e13ab1f1.exe

C:\Users\Admin\AppData\Local\Temp\86bc475a8d476e5ad135780113a68239370fd53c49881b3cab5184b1e13ab1f1.exe
"C:\Users\Admin\AppData\Local\Temp\86bc475a8d476e5ad135780113a68239370fd53c49881b3cab5184b1e13ab1f1.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
PID:4640

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4640-2-0x00000000004D0000-0x00000000004D1000-memory.dmp

Filesize
4KB

Download
memory/4640-3-0x00000000004C0000-0x00000000004C1000-memory.dmp

Filesize
4KB

Download