Overview

overview

5

Static

static

806cc60db9...bd.exe

windows7-x64

5

806cc60db9...bd.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    306s
  • max time network
    362s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-11-2022 12:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    806cc60db90ba37c6971a05f2d2568d0cc452b26f026a21b1a98e78b2d5af7bd.exe

  • Size

    1.6MB

  • MD5

    4f9d1f065b29db78b1a9b487c006f6c0

  • SHA1

    74f5874783385b0889a499063cefaefc96df6ac1

  • SHA256

    806cc60db90ba37c6971a05f2d2568d0cc452b26f026a21b1a98e78b2d5af7bd

  • SHA512

    843bf7ba805b1acb0ea62f5d9771f5e410a505847f9e23e9ee66514052e8713ce017b798a601fdee4136034edd5e57b6c5ae2cc0ada87968f115c9bc6e5b9659

  • SSDEEP

    49152:JMjTlOtSQ3WeMISc8BtWacZsdsFE1Y7u7l9J86U2j:JS6/33Mc8BtW3OdsO1YYl9B

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 25 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\806cc60db90ba37c6971a05f2d2568d0cc452b26f026a21b1a98e78b2d5af7bd.exe
    "C:\Users\Admin\AppData\Local\Temp\806cc60db90ba37c6971a05f2d2568d0cc452b26f026a21b1a98e78b2d5af7bd.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:4548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4548-132-0x0000000000400000-0x0000000000655000-memory.dmp
    Filesize

    2.3MB

    Download
  • memory/4548-133-0x0000000077A50000-0x0000000077BF3000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/4548-134-0x0000000075BE0000-0x0000000075DF5000-memory.dmp
    Filesize

    2.1MB

    Download
  • memory/4548-136-0x0000000077670000-0x0000000077810000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/4548-137-0x0000000075F90000-0x000000007600A000-memory.dmp
    Filesize

    488KB

    Download
  • memory/4548-1481-0x0000000000400000-0x0000000000655000-memory.dmp
    Filesize

    2.3MB

    Download
  • memory/4548-1482-0x0000000000400000-0x0000000000655000-memory.dmp
    Filesize

    2.3MB

    Download
  • memory/4548-1483-0x0000000000400000-0x0000000000655000-memory.dmp
    Filesize

    2.3MB

    Download
  • memory/4548-1484-0x0000000000400000-0x0000000000655000-memory.dmp
    Filesize

    2.3MB

    Download
  • memory/4548-1486-0x0000000000400000-0x0000000000655000-memory.dmp
    Filesize

    2.3MB

    Download
  • memory/4548-1487-0x0000000000400000-0x0000000000655000-memory.dmp
    Filesize

    2.3MB

    Download
  • memory/4548-1488-0x0000000000400000-0x0000000000655000-memory.dmp
    Filesize

    2.3MB

    Download