Analysis
max time kernel: 91s
max time network: 154s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 12/11/2022, 11:37
Static task: static1
Behavioral task: behavioral1
Sample: 0915eb750b11e94953c1986391d89c8a.exe
Resource: win7-20220901-en
3 signatures
150 seconds
General
Target: 0915eb750b11e94953c1986391d89c8a.exe
Size: 9.6MB
MD5: 0915eb750b11e94953c1986391d89c8a
SHA1: 71486f38fdb43239ccf56b6349e0eaf86e68022a
SHA256: d72645347b3fa6134cc416b6b9d73eec9d4ef2af4dbf26c6b91da795144c394c
SHA512: aa9d1049c4ea0500782db8957f8d9ef8df707994c5ea8f9a8855b9c3d01f8f209f3165aa576b1b04ec7117fc3506aeb664259d7a310342b60b6f769d6303ce61
SSDEEP: 196608:P/JjqWE4GnFcaCCnTwaJ6qu8jKmEHEByu0cssD1MGQQtgIL:P/8tCWwaJju85X0hGgIL
Malware Config
Extracted
Family: systembc
C2:
filmsoneonline.com:4246
onlinefilmshome.com:4246
Signatures
Suspicious use of NtSetInformationThreadHideFromDebugger, 2 IoCs
pid  Process
740  0915eb750b11e94953c1986391d89c8a.exe
740  0915eb750b11e94953c1986391d89c8a.exe

Suspicious behavior: EnumeratesProcesses, 4 IoCs
pid  Process
740  0915eb750b11e94953c1986391d89c8a.exe
740  0915eb750b11e94953c1986391d89c8a.exe
740  0915eb750b11e94953c1986391d89c8a.exe
740  0915eb750b11e94953c1986391d89c8a.exe