d45f541b13139346d518b1ab79a5f70dda19ab6359327d7b76ab91a459813754 | Triage

Analysis

max time kernel
366s
max time network
471s
platform
windows10_x64
resource
win10v20210410
submitted
18-08-2021 18:23

Sharing

Report Analysis Logs

General

Target

cscppcom.exe
Size

4.9MB
MD5

04a8ed2b6c2c28ab276ce2f93dbb94d4
SHA1

d738e6254bf9b2b5584e483e37fabbc460e970c8
SHA256

893994002bd922c9c59b7d2c9619894dec365775c6b2d84dafbf416d2cd8ee83
SHA512

d7c4d6ba287ecbcdf6f302617431f0eb3c994ea5a6c4ede850106d4de1e7b03f3c80e49a86be3b6e66f4df81b7762963c9d52c28b7c4e61c6c80654a047ff736

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

Processes:

cscppcom.exe

pid process

3400 cscppcom.exe
Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

cscppcom.exe

pid process

3400 cscppcom.exe
3400 cscppcom.exe

C:\Users\Admin\AppData\Local\Temp\cscppcom.exe
"C:\Users\Admin\AppData\Local\Temp\cscppcom.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
PID:3400

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3400-117-0x0000000140000000-0x000000014082E000-memory.dmp

Filesize
8.2MB

Download
memory/3400-118-0x00007FF8506D0000-0x00007FF8506D2000-memory.dmp

Filesize
8KB

Download