Analysis
-
max time kernel
49s -
max time network
52s -
platform
windows10-1703_x64 -
resource
win10-20220812-en -
resource tags
-
submitted
25-11-2022 19:19
General
-
Target
midnight-scp-launcher.exe
-
Size
12.2MB
-
MD5
2fd6af8d08e7c069d7fa8b530d21e5c1
-
SHA1
3a07ff8f7e06133268c427ce12ef2a074241c849
-
SHA256
50225b0c5194eb0dc2821692043eae15eeb6a8612595b55f998b1a02888d6f4e
-
SHA512
f01ee98f85043c61045d119bc30ae1f6aaca3e33095ec94ff7a669adfbb29dde9fa4057b67b29f944b303d923ea011fb4682270b3a4439b2526ef7cb22b5f177
-
SSDEEP
393216:s+1fvRTVO/LYOXvzHdg5CmjF0iX2AaZ5KjEICu7:scXZVO/LDbHdECmBRXpaujEW
Score
5/10
Malware Config
Signatures
-
Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
-
Program crash 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 6 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\midnight-scp-launcher.exe"C:\Users\Admin\AppData\Local\Temp\midnight-scp-launcher.exe"1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -u -p 656 -s 2482⤵
- Program crash
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/656-120-0x00007FF79DC70000-0x00007FF79F285000-memory.dmpFilesize
22.1MB
-
memory/656-124-0x000002348F1D0000-0x000002348FCDB000-memory.dmpFilesize
11.0MB
-
memory/656-134-0x000002348F1D0000-0x000002348FCDB000-memory.dmpFilesize
11.0MB
-
memory/656-135-0x000002348F1D0000-0x000002348FCDB000-memory.dmpFilesize
11.0MB
-
memory/656-136-0x000002348F1D0000-0x000002348FCDB000-memory.dmpFilesize
11.0MB
-
memory/656-138-0x000002348F35B000-0x000002348F6B9000-memory.dmpFilesize
3.4MB
-
memory/656-142-0x00007FF79DC70000-0x00007FF79F285000-memory.dmpFilesize
22.1MB