Resubmissions

21-11-2021 07:19  211121-h5vhpsgfc2  10
20-11-2021 20:40  211120-zgal3adbhn  10
20-11-2021 20:36  211120-zdsy8sdbhm  10

Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    20-11-2021 20:40

General

  • Target

    Paladin.exe

  • Size

    9.5MB

  • MD5

    60fb5bcf43d7462fba8a16edde2c9524

  • SHA1

    4118779194de403e1b7baf9d5a1dc43ee48130dc

  • SHA256

    86ef1a5f70b1f18a40f4f3bc6f975e29543c6a0266c123276dbc9c3057dcee5b

  • SHA512

    8fac729c002e2d0f7b20eb27caf599ddff1af44c3162ee4f9c5aab355869c577139e2c3d038a186fb6576825f7cca99c2a3cda20e64ea1672c9318992236d94f

Score
9/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\Paladin.exe
    "C:\Users\Admin\AppData\Local\Temp\Paladin.exe"
    1⤵
    • Checks BIOS information in registry
    • Checks whether UAC is enabled
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:1420

Network

MITRE ATT&CK Enterprise v6


Downloads

  • memory/1420-55-0x000000013F1B0000-0x0000000140AFE000-memory.dmp (Filesize 25.3MB)
  • memory/1420-56-0x000000013F1B0000-0x0000000140AFE000-memory.dmp (Filesize 25.3MB)
  • memory/1420-57-0x000000013F1B0000-0x0000000140AFE000-memory.dmp (Filesize 25.3MB)
  • memory/1420-58-0x000000013F1B0000-0x0000000140AFE000-memory.dmp (Filesize 25.3MB)
  • memory/1420-59-0x000000013F1B0000-0x0000000140AFE000-memory.dmp (Filesize 25.3MB)
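All five dumps above name the same address range of PID 1420 (0x13F1B0000 to 0x140AFE000) at consecutive sequence numbers 55 to 59, so the sandbox captured one region five times rather than five different regions. The following script is an added example, not part of the report or of the sandbox's own tooling: it parses the dump file names, recovers PID, sequence number and region bounds, computes the region size, checks it against the listed "25.3MB", and groups the entries by region. The entry list is copied from this page; the naming pattern `memory/<pid>-<seq>-0x<start>-0x<end>-memory.dmp` is an assumption inferred from these five names, and the size check assumes the report's "MB" means 1024*1024 bytes (26,533,888 bytes is 25.3 MiB but 26.5 MB in decimal units, which is the only way the listed figure agrees with the address range).

```python
import re
from collections import defaultdict

# Entries copied from the report's Downloads section: dump name and the
# file size listed next to it.
REPORT_DUMPS = [
    ("memory/1420-55-0x000000013F1B0000-0x0000000140AFE000-memory.dmp", "25.3MB"),
    ("memory/1420-56-0x000000013F1B0000-0x0000000140AFE000-memory.dmp", "25.3MB"),
    ("memory/1420-57-0x000000013F1B0000-0x0000000140AFE000-memory.dmp", "25.3MB"),
    ("memory/1420-58-0x000000013F1B0000-0x0000000140AFE000-memory.dmp", "25.3MB"),
    ("memory/1420-59-0x000000013F1B0000-0x0000000140AFE000-memory.dmp", "25.3MB"),
]

# Assumed naming pattern, inferred from the five entries above:
# memory/<pid>-<seq>-0x<start>-0x<end>-memory.dmp
DUMP_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<seq>\d+)"
    r"-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)


def parse_dump_name(name):
    """Split a dump file name into pid, sequence number and region bounds."""
    m = DUMP_RE.match(name)
    if not m:
        raise ValueError(f"not a memory dump entry: {name}")
    start = int(m["start"], 16)
    end = int(m["end"], 16)
    if end <= start:
        raise ValueError(f"end address not above start address: {name}")
    return {
        "pid": int(m["pid"]),
        "seq": int(m["seq"]),
        "start": start,
        "end": end,
        "size": end - start,  # bytes covered by the dumped region
    }


def size_label(nbytes):
    """Render a byte count the way the report does: one decimal, 1024-based
    units, printed as 'MB' (assumption, see lead-in)."""
    return f"{nbytes / (1024 ** 2):.1f}MB"


def check_report(entries):
    """Group dump entries by (pid, start, end) and flag any whose computed
    size does not match the size the report lists.

    Returns (regions, mismatches): regions maps a region key to the sorted
    list of sequence numbers captured for it; mismatches lists entry names
    whose listed size disagrees with the address range.
    """
    regions = defaultdict(list)
    mismatches = []
    for name, listed in entries:
        rec = parse_dump_name(name)
        if size_label(rec["size"]) != listed:
            mismatches.append(name)
        regions[(rec["pid"], rec["start"], rec["end"])].append(rec["seq"])
    return {k: sorted(v) for k, v in regions.items()}, mismatches


if __name__ == "__main__":
    regions, bad = check_report(REPORT_DUMPS)
    for (pid, start, end), seqs in regions.items():
        print(f"pid {pid} region 0x{start:X}-0x{end:X} "
              f"({size_label(end - start)}, {end - start} bytes) "
              f"captured {len(seqs)} times: {seqs}")
    print("size mismatches:", bad or "none")
```

Running it confirms that every listed size agrees with its address range and that the report holds a single 26,533,888-byte region captured at sequence numbers 55 through 59; when triaging a set of dumps, de-duplicating by region this way tells you which files are worth diffing against each other and which are repeats of the same mapping.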