Overview

overview

10

Static

static

8

03ff897da4...b3.exe

windows7_x64

7

03ff897da4...b3.exe

windows10_x64

7

10493d98a6...41.exe

windows7_x64

7

10493d98a6...41.exe

windows10_x64

7

11747d3247...67.exe

windows7_x64

7

11747d3247...67.exe

windows10_x64

San11 Tc/D...eg.htm

windows7_x64

1

San11 Tc/D...eg.htm

windows10_x64

1

San11 Tc/DrvMgt.dll

windows7_x64

1

San11 Tc/DrvMgt.dll

windows10_x64

1

San11 Tc/L...es.exe

windows7_x64

1

San11 Tc/L...es.exe

windows10_x64

1

San11 Tc/S...er.exe

windows7_x64

1

San11 Tc/S...er.exe

windows10_x64

1

San11 Tc/S...er.exe

windows7_x64

1

San11 Tc/S...er.exe

windows10_x64

1

San11 Tc/S...YS.exe

windows7_x64

San11 Tc/S...YS.exe

windows10_x64

San11 Tc/San11.exe

windows7_x64

8

San11 Tc/San11.exe

windows10_x64

8

San11 Tc/san11pk.exe

windows7_x64

3

San11 Tc/san11pk.exe

windows10_x64

1

San11 Tc/�...��.exe

windows7_x64

3

San11 Tc/�...��.exe

windows10_x64

10

23c9e16cc6...7b.exe

windows7_x64

5

23c9e16cc6...7b.exe

windows10_x64

5

36a18ae31f...d0.exe

windows7_x64

7

36a18ae31f...d0.exe

windows10_x64

7

4109a062b3...d4.exe

windows7_x64

8

4109a062b3...d4.exe

windows10_x64

8

CW3.exe

windows7_x64

1

CW3.exe

windows10_x64

1

Analysis

  • max time kernel
    192s
  • max time network
    236s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    20-10-2021 15:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b.exe

  • Size

    3.3MB

  • MD5

    4b7efd3940f856057ffe8c16c5381cb3

  • SHA1

    0eace6aed81b91ae898e768ad52d7f88ff15ff0d

  • SHA256

    23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b

  • SHA512

    1b243473f5632dd2bf55c8cce07cea7a09c6cbf99ce4bae59bce7cb15b592db6ace590ba797919564845564d52fc66b3b34ec5bb2477bb81264d6ba06603cc9d

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 24 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b.exe
    "C:\Users\Admin\AppData\Local\Temp\23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of AdjustPrivilegeToken
    PID:2860

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2860-118-0x0000000077350000-0x00000000774DE000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2860-119-0x0000000076180000-0x0000000076342000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-121-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-122-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-123-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-124-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-125-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-126-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-127-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-128-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-130-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-129-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-120-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-131-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-132-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-134-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-135-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-133-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-136-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-137-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-138-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-139-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-140-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-141-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-142-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-144-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-143-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-145-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-146-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-147-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-148-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-149-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-150-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-151-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-152-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-154-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-153-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-155-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-156-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-157-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-158-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-160-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-159-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-161-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-162-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-163-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-164-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-165-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-166-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-167-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-168-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-169-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-170-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-172-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-171-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-173-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-174-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-175-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-176-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-177-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-178-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-179-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-180-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-181-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-1986-0x0000000002C50000-0x0000000002DDF000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2860-1984-0x0000000002FB9000-0x000000000317C000-memory.dmp
    Filesize

    1.8MB

    Download
  • memory/2860-6983-0x0000000002ACA000-0x0000000002B9B000-memory.dmp
    Filesize

    836KB

    Download
  • memory/2860-6985-0x0000000000400000-0x0000000000B1F000-memory.dmp
    Filesize

    7.1MB

    Download
  • memory/2860-6984-0x0000000000400000-0x0000000000B1F000-memory.dmp
    Filesize

    7.1MB

    Download
  • memory/2860-6986-0x0000000002980000-0x00000000029F9000-memory.dmp
    Filesize

    484KB

    Download
  • memory/2860-6988-0x0000000000C00000-0x0000000000C01000-memory.dmp
    Filesize

    4KB

    Download
  • memory/2860-6987-0x0000000003182000-0x00000000032BF000-memory.dmp
    Filesize

    1.2MB

    Download