Overview

overview

5

Static

static

ffdad52c3f...3e.exe

windows7-x64

5

ffdad52c3f...3e.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    91s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/10/2022, 12:03

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ffdad52c3fd4ce357a76b40804aa98838c677d2987421c1cdff12536fb27b93e.exe

  • Size

    5.2MB

  • MD5

    d6e1230205bf3f0111dc9c651206a9c0

  • SHA1

    5b43ab25262f59deb99af71fa2b8057c3e7e33f4

  • SHA256

    ffdad52c3fd4ce357a76b40804aa98838c677d2987421c1cdff12536fb27b93e

  • SHA512

    7ffe8f81fe780fbef572bdbf03d52eeab5360f6f6783d52084f0db1d060e543d352d86765fec5b5a9d91e9409a9ef0be8ce679f0165f2187179bcf58f34830f3

  • SSDEEP

    98304:TpIM+sno8rCxQQP8vIyygCqzYGJhn3wLSEycb+WgOgLkJG3t+kTBqZmT8EDvMNEP:Tp5no0TAKztZ68LkJG3t+4BqZmTNl7q5

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ffdad52c3fd4ce357a76b40804aa98838c677d2987421c1cdff12536fb27b93e.exe
    "C:\Users\Admin\AppData\Local\Temp\ffdad52c3fd4ce357a76b40804aa98838c677d2987421c1cdff12536fb27b93e.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:3800

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/3800-132-0x0000000000400000-0x0000000000C72000-memory.dmp

          Filesize

          8.4MB

          Download

        • memory/3800-135-0x0000000000400000-0x0000000000C72000-memory.dmp

          Filesize

          8.4MB

          Download