Analysis
-
max time kernel
91s -
max time network
81s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system -
submitted
08-09-2022 22:10
Static task
static1
Behavioral task
behavioral1
Sample
revshow_x64_2_9_16_4_stable.exe
Resource
win7-20220812-en
windows7-x64
6 signatures
150 seconds
Behavioral task
behavioral2
Sample
revshow_x64_2_9_16_4_stable.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
revshow_x64_2_9_16_4_stable.exe
-
Size
5.0MB
-
MD5
e814c0b59ebe83099a15fb1875acb5d0
-
SHA1
f5eb663d5a6c388a4d30f51c3e17e4e8c685b573
-
SHA256
0ca84b408519c63a693b0f0bbff6619151d84a73295d9a5da2a201f06d3a2dfc
-
SHA512
5b2f64ddd0fb3819aa77cfa7442d984d35c4323513192e074c691ae8fcc01500a99f6e96e5b77f30b48b8ce1d7cdb83adff7276f3b4fc0b6ae28d02ae8a090d7
-
SSDEEP
49152:X4hgafa6Fc4s1nrpilNNS8yxFER5StYQzB7BsPTYizKdt:76QnrpiTNqTVgKdt
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 62 IoCs
pid Process 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe 4076 revshow_x64_2_9_16_4_stable.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 4076 revshow_x64_2_9_16_4_stable.exe