Overview

overview

5

Static

static

74e00dfe43...32.exe

windows7-x64

5

74e00dfe43...32.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    39s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    20/10/2022, 20:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    74e00dfe439e538faeebd1008a2c95fd775c9c89d31e6b9fac76b76779af2932.exe

  • Size

    116KB

  • MD5

    96fe33caa7c173b729a353fc4a10c4b0

  • SHA1

    40eb4466a4f95df697356e2e694af347a2e12501

  • SHA256

    74e00dfe439e538faeebd1008a2c95fd775c9c89d31e6b9fac76b76779af2932

  • SHA512

    71354c4f254e177edb90da8fa966e53e50baf0bb0b8bbfc8df40ea9324091389908d3747c8ae1ae65be7c4922e22504a875ccba5b8c3b5e896777455f286c3e6

  • SSDEEP

    1536:NGHweBt064h+c4dPQsjVxosWX+qhxB6UTeT1QzKwa+mKzBvcy6f:QHwYfcWjVmN+qx6USJQpdvcT

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: MapViewOfSection 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\74e00dfe439e538faeebd1008a2c95fd775c9c89d31e6b9fac76b76779af2932.exe
    "C:\Users\Admin\AppData\Local\Temp\74e00dfe439e538faeebd1008a2c95fd775c9c89d31e6b9fac76b76779af2932.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: MapViewOfSection
    PID:864

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/864-54-0x0000000000020000-0x0000000000024000-memory.dmp

          Filesize

          16KB

          Download

        • memory/864-55-0x0000000000400000-0x000000000041D000-memory.dmp

          Filesize

          116KB

          Download

        • memory/864-56-0x0000000000400000-0x000000000041D000-memory.dmp

          Filesize

          116KB

          Download

        • memory/864-57-0x0000000000400000-0x000000000041D000-memory.dmp

          Filesize

          116KB

          Download

        • memory/1296-58-0x0000000076F10000-0x00000000770B9000-memory.dmp

          Filesize

          1.7MB

          Download