Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
12-10-2022 20:48
General
-
Target
49a739cbc8a28adc28736e145c3f245a2bdf6617663f1c33d513377fae72bbb4.exe
-
Size
36KB
-
MD5
801bddf6f14dd89827c5885a6a540de5
-
SHA1
6fbf71bd0d73c446133c6824be09c2b46f2db756
-
SHA256
49a739cbc8a28adc28736e145c3f245a2bdf6617663f1c33d513377fae72bbb4
-
SHA512
e46fb75a40ff00c1bade6e7a19a0f74fe0e0912e5d3828788c19c6ec9f60811945668cdf9769de3a8b8fdebf56898ed52dd093315ea4e256c293611663fe1d4c
-
SSDEEP
384:GIntgkiTl/PJCQCzirQCz03RAtmoYhpRd42tqHwd5ASc:GIetJCQIirQIKRGlYn42oHI2
Score
8/10
Malware Config
Signatures
-
Downloads MZ/PE file
-
Loads dropped DLL 1 IoCs
-
Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 4 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\49a739cbc8a28adc28736e145c3f245a2bdf6617663f1c33d513377fae72bbb4.exe"C:\Users\Admin\AppData\Local\Temp\49a739cbc8a28adc28736e145c3f245a2bdf6617663f1c33d513377fae72bbb4.exe"1⤵
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Public\Documents\calc.dllFilesize
5.4MB
MD526c044da6732d9534e594a521e841c1c
SHA19d2f162bf16affab1b3845df38d42faa073c1a07
SHA256c6f59fdf0b85f3b75da208197e0c755fddc51c44967820ac64ccab25b4004ccd
SHA51272f9449ac1e649e87832639c9b76982d4494a8b45d204b5eccba0d6391d9548bb2f898f511d1144d85f120947967749ab0397c9d44531a20f175b5fd6ddbf436
-
memory/4244-133-0x0000000073200000-0x0000000073AA2000-memory.dmpFilesize
8.6MB