Overview

overview

5

Static

static

6870f90f9b...fb.exe

windows7-x64

5

6870f90f9b...fb.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    36s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    19/10/2022, 23:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6870f90f9b47b507038c858809c2a6bfe4448e4fb17ace9758f2c005d7468cfb.exe

  • Size

    796KB

  • MD5

    920d8fe8edeb7d9f98f792e73b4fce90

  • SHA1

    d4c3259cde3aef603be1de154704a266256be0d8

  • SHA256

    6870f90f9b47b507038c858809c2a6bfe4448e4fb17ace9758f2c005d7468cfb

  • SHA512

    3fefb80a4ed0c7c6e1d10cc4cfb70deb6ea9377a536996c74deeb98cfd58a666bf3f3055771c86965e21ab4e1f931d39618bbceba40b228e7340acf0aaba1fe0

  • SSDEEP

    12288:jh9RXjlnC3JyDrSect1HY6gJja3UoHzlQQm74u7oDLxuqAoFW17blrb:19RXjRuJyXyt1HY6gJObHzl4RA8BbbZ

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6870f90f9b47b507038c858809c2a6bfe4448e4fb17ace9758f2c005d7468cfb.exe
    "C:\Users\Admin\AppData\Local\Temp\6870f90f9b47b507038c858809c2a6bfe4448e4fb17ace9758f2c005d7468cfb.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:1884

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1884-55-0x00000000010B0000-0x0000000001312000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/1884-54-0x0000000075E31000-0x0000000075E33000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1884-56-0x00000000010B0000-0x0000000001312000-memory.dmp

    Filesize

    2.4MB

    Download