Analysis

  • max time kernel
    149s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    08-04-2021 06:41

General

  • Target
    E4B1AD053F5D7E857BB97CE7AA9621F7.exe
  • Size
    1.2MB
  • MD5
    e4b1ad053f5d7e857bb97ce7aa9621f7
  • SHA1
    f6dcf2a3750876e11425bfb10898a1bbaf975e2e
  • SHA256
    6ba6ef7ab8dc9df565a48e90a2c25b1da40a84a55a9257576bd125a4fb56e708
  • SHA512
    bad79be7e8e833e5141acc0a55a5638cc1b4b003883c4af7b1b212729a62674c5fdde58b2a85c6ced2161cda9442ed28b2552c89287603c73debf31857a51baa

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\E4B1AD053F5D7E857BB97CE7AA9621F7.exe
    "C:\Users\Admin\AppData\Local\Temp\E4B1AD053F5D7E857BB97CE7AA9621F7.exe"
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:328

Network

MITRE ATT&CK Matrix

Downloads

  • memory/328-2-0x00000000761E1000-0x00000000761E3000-memory.dmp
    Filesize: 8KB
  • memory/328-3-0x00000000003F0000-0x00000000003F1000-memory.dmp
    Filesize: 4KB
  • memory/328-4-0x00000000003F0000-0x00000000003F1000-memory.dmp
    Filesize: 4KB