Overview

overview

5

Static

static

037354e9ff...9a.exe

windows7-x64

5

037354e9ff...9a.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    112s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-10-2022 04:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    037354e9ffc64b74df6585ec6409b9d0114a4e7a3740eb19047ee06452923c9a.exe

  • Size

    2.0MB

  • MD5

    b840498b8e287f603675aa7f1d97c6d0

  • SHA1

    d7f6880fdda5d041af68ee61e11e66c26832d52f

  • SHA256

    037354e9ffc64b74df6585ec6409b9d0114a4e7a3740eb19047ee06452923c9a

  • SHA512

    b3f477646594a8845f41943bd48806c400973e01c3be4ae89268e661931a39cd95312374b48cddbd2c53d6596b1a04b1d3030e86e6f8ed12865e2c77955604c7

  • SSDEEP

    49152:260FEMdfbV+X/anvdkIxyuYRp6tF509BcjvsqvxVKbS:260/dh+IvpoXYtHTvxkbS

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\037354e9ffc64b74df6585ec6409b9d0114a4e7a3740eb19047ee06452923c9a.exe
    "C:\Users\Admin\AppData\Local\Temp\037354e9ffc64b74df6585ec6409b9d0114a4e7a3740eb19047ee06452923c9a.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:5052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5052-132-0x0000000000400000-0x0000000000D80000-memory.dmp

    Filesize

    9.5MB

    Download

  • memory/5052-133-0x0000000000400000-0x0000000000D80000-memory.dmp

    Filesize

    9.5MB

    Download

  • memory/5052-136-0x0000000000F68000-0x0000000000F74000-memory.dmp

    Filesize

    48KB

    Download

  • memory/5052-137-0x0000000000400000-0x0000000000D80000-memory.dmp

    Filesize

    9.5MB

    Download