Analysis
-
max time kernel
33s -
max time network
51s -
platform
windows7_x64 -
resource
win7-20220901-en -
resource tags
-
submitted
24-09-2022 22:23
General
-
Target
69366638da92e5871b80c1b1ac5c36ca499a407422137b34b43d948546a190ef.exe
-
Size
722.4MB
-
MD5
a2d302bbecc9b38529cc016adc334b17
-
SHA1
323c64e329187281a418195191f5802a79bc70d9
-
SHA256
69366638da92e5871b80c1b1ac5c36ca499a407422137b34b43d948546a190ef
-
SHA512
9c299c215b2769ba3729426aab92e198fb966bd411ff550b0771c02404e550451ba8c36575969f5908c3a8dc40d3de670eabe4ba2bf5b06235eb1117b24c2b37
-
SSDEEP
49152:q+G3R8rSAZkqqKR8GEOWT+RvTKVrcxO5VJhOYJH3/UTM:q+G3+rSikq7R8GEfEagxgbOCOM
Score
5/10
Malware Config
Signatures
-
Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\69366638da92e5871b80c1b1ac5c36ca499a407422137b34b43d948546a190ef.exe"C:\Users\Admin\AppData\Local\Temp\69366638da92e5871b80c1b1ac5c36ca499a407422137b34b43d948546a190ef.exe"1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1160-54-0x00000000762E1000-0x00000000762E3000-memory.dmpFilesize
8KB
-
memory/1160-55-0x00000000009B0000-0x00000000009B2000-memory.dmpFilesize
8KB
-
memory/1160-56-0x00000000009B0000-0x0000000001308000-memory.dmpFilesize
9.3MB
-
memory/1160-57-0x00000000FFBD0000-0x00000000FFFA1000-memory.dmpFilesize
3.8MB
-
memory/1160-58-0x00000000009B0000-0x0000000001308000-memory.dmpFilesize
9.3MB
-
memory/1160-59-0x00000000009B0000-0x0000000001308000-memory.dmpFilesize
9.3MB