Overview

overview

10

Static

static

c249af7c49...9f.exe

windows7_x64

5

c249af7c49...9f.exe

windows10_x64

10

Analysis

  • max time kernel
    135s
  • max time network
    100s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    15-06-2021 17:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c249af7c493de4fe8a147333d5197461a6daa1f60393b5bdb5b74128dfc17b9f.exe

  • Size

    1.1MB

  • MD5

    ec926f3d4237e3aa70852c25c156df18

  • SHA1

    c1d7970a15b0d4aa256df6d76e6862ac18d0c9b8

  • SHA256

    c249af7c493de4fe8a147333d5197461a6daa1f60393b5bdb5b74128dfc17b9f

  • SHA512

    b5a175bb9fbbf53f6c2c5ea0926ffdcddced47c3cadb50eef70d6bc91cb34094d97c20e51e6f693762bf9bc6aaf2b2803e4ff9173b97083bafb5db4fc9f2c8df

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 13 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c249af7c493de4fe8a147333d5197461a6daa1f60393b5bdb5b74128dfc17b9f.exe
    "C:\Users\Admin\AppData\Local\Temp\c249af7c493de4fe8a147333d5197461a6daa1f60393b5bdb5b74128dfc17b9f.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:1272

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1272-59-0x0000000075591000-0x0000000075593000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1272-60-0x0000000000240000-0x0000000000241000-memory.dmp
    Filesize

    4KB

    Download