Overview

overview

5

Static

static

6cc36d78cd...d4.exe

windows7-x64

5

6cc36d78cd...d4.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    169s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 20:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6cc36d78cd8a16e272a3b646bb6e5d31ed8f608bff2ffa5c52d4d0d66cc918d4.exe

  • Size

    1.6MB

  • MD5

    02ab93819c88e421101c550e3709d63e

  • SHA1

    4db3a3549097e1b9d5ac1ed5f9e7347bc5dc480e

  • SHA256

    6cc36d78cd8a16e272a3b646bb6e5d31ed8f608bff2ffa5c52d4d0d66cc918d4

  • SHA512

    caaa4d801ee891af4cf9684de95a65fb1f7f2e6eee8a636082cfc781f6c56ce787af2f1c2731cd913204a49b9b882e57b91c405c3d22ccb136238d1d61d24851

  • SSDEEP

    49152:hEH/bqbGSCbalaJBPlXhc5quwtk1P4FZe496gboPmAEFIYJ:AOSbalqPZhRudSZe4gjmA9YJ

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 38 IoCs
  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6cc36d78cd8a16e272a3b646bb6e5d31ed8f608bff2ffa5c52d4d0d66cc918d4.exe
    "C:\Users\Admin\AppData\Local\Temp\6cc36d78cd8a16e272a3b646bb6e5d31ed8f608bff2ffa5c52d4d0d66cc918d4.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:428

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/428-133-0x0000000000400000-0x0000000000660000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/428-134-0x0000000076EA0000-0x0000000077043000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/428-135-0x0000000075870000-0x0000000075A85000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/428-137-0x0000000075210000-0x00000000753B0000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/428-138-0x0000000076680000-0x00000000766FA000-memory.dmp

    Filesize

    488KB

    Download

  • memory/428-1480-0x0000000000400000-0x0000000000660000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/428-1481-0x0000000000400000-0x0000000000660000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/428-1482-0x0000000000400000-0x0000000000660000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/428-1483-0x0000000000400000-0x0000000000660000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/428-1485-0x0000000000400000-0x0000000000660000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/428-1486-0x0000000000400000-0x0000000000660000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/428-1487-0x0000000000400000-0x0000000000660000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/428-1488-0x000000000F928000-0x000000000F930000-memory.dmp

    Filesize

    32KB

    Download

  • memory/428-1489-0x0000000000400000-0x0000000000660000-memory.dmp

    Filesize

    2.4MB

    Download