Overview

overview

10

Static

static

setup.exe

windows7-x64

10

setup.exe

windows10-2004-x64

1

�...� .exe

windows7-x64

5

�...� .exe

windows10-2004-x64

5

Analysis

  • max time kernel
    378s
  • max time network
    413s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-11-2022 14:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Ѫͳ1.1 .exe

  • Size

    2.3MB

  • MD5

    7258d5fd3bab7e9802b93573819261eb

  • SHA1

    04beccacb05c553cb4debd377bc43403862e2b9a

  • SHA256

    f96ae6955319db901b55aa276508d1ad6e5ac3fee50daf93993a2efff19104e2

  • SHA512

    cd3f2e8da8e6f4b6270723075f9f2116b90fc5e5188ffa6aa4856b4cb5642a4d45f2370374c4c628f0dd0a17fce9aec3a23369d7232487ac62750725ed85a971

  • SSDEEP

    49152:5bNNjlTAj0pkfuxLkbXMU9bmk3cMjlG91Fyc:HN9Akkfue4O3BSF

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 64 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Ѫͳ1.1 .exe
    "C:\Users\Admin\AppData\Local\Temp\Ѫͳ1.1 .exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:428

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/428-132-0x0000000077150000-0x00000000772F3000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/428-133-0x00000000752B0000-0x00000000754C5000-memory.dmp
    Filesize

    2.1MB

    Download
  • memory/428-134-0x0000000000400000-0x0000000000643000-memory.dmp
    Filesize

    2.3MB

    Download
  • memory/428-135-0x000000000244F000-0x00000000025F3000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/428-136-0x0000000076DE0000-0x0000000076F80000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/428-138-0x0000000077050000-0x00000000770CA000-memory.dmp
    Filesize

    488KB

    Download
  • memory/428-1170-0x0000000000731000-0x00000000007A9000-memory.dmp
    Filesize

    480KB

    Download
  • memory/428-1171-0x000000000260D000-0x00000000027AE000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/428-1172-0x0000000000760000-0x0000000000793000-memory.dmp
    Filesize

    204KB

    Download
  • memory/428-1173-0x000000000283A000-0x0000000002A50000-memory.dmp
    Filesize

    2.1MB

    Download
  • memory/428-1174-0x0000000000760000-0x0000000000793000-memory.dmp
    Filesize

    204KB

    Download
  • memory/428-1175-0x0000000000400000-0x0000000000643000-memory.dmp
    Filesize

    2.3MB

    Download