Overview

overview

5

Static

static

ffd027e9ee...9a.exe

windows7-x64

5

ffd027e9ee...9a.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-10-2022 20:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ffd027e9ee6351c269fe8d0a02b8fe096a7fb04f5d5e098dea8403cbdaafbc9a.exe

  • Size

    3.6MB

  • MD5

    cf322b2e639c1d0782725650eea90151

  • SHA1

    914266d7c231e73ef365ee67a4cee74229b9128d

  • SHA256

    ffd027e9ee6351c269fe8d0a02b8fe096a7fb04f5d5e098dea8403cbdaafbc9a

  • SHA512

    fec2197136ae72727e56005ff4d0f8bdf7b8cafd6ff7681581b3a3cf173aa65aae11b2a778d1fa637ca5920f8f8569a213aa8636ffaabeadb20dcb27e7676c74

  • SSDEEP

    98304:HMc+LUMp8hgbVvLaeP252gHSmfvakPodrB1XaPg8Y+K6g/KP7J:HtkUJktLae+52kSLd1AFY+KI

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 38 IoCs
  • Suspicious behavior: LoadsDriver 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ffd027e9ee6351c269fe8d0a02b8fe096a7fb04f5d5e098dea8403cbdaafbc9a.exe
    "C:\Users\Admin\AppData\Local\Temp\ffd027e9ee6351c269fe8d0a02b8fe096a7fb04f5d5e098dea8403cbdaafbc9a.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:4940

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4940-132-0x0000000140000000-0x00000001405C1000-memory.dmp

    Filesize

    5.8MB

    Download

  • memory/4940-133-0x0000000140000000-0x00000001405C1000-memory.dmp

    Filesize

    5.8MB

    Download

  • memory/4940-134-0x0000000140000000-0x00000001405C1000-memory.dmp

    Filesize

    5.8MB

    Download

  • memory/4940-135-0x0000000140000000-0x00000001405C1000-memory.dmp

    Filesize

    5.8MB

    Download

  • memory/4940-136-0x0000000140000000-0x00000001405C1000-memory.dmp

    Filesize

    5.8MB

    Download

  • memory/4940-138-0x0000000140000000-0x00000001405C1000-memory.dmp

    Filesize

    5.8MB

    Download

  • memory/4940-139-0x0000000140000000-0x00000001405C1000-memory.dmp

    Filesize

    5.8MB

    Download

  • memory/4940-140-0x0000000140000000-0x00000001405C1000-memory.dmp

    Filesize

    5.8MB

    Download

  • memory/4940-141-0x0000000140000000-0x00000001405C1000-memory.dmp

    Filesize

    5.8MB

    Download