Analysis
-
max time kernel
262s -
max time network
390s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
25-11-2022 19:29
General
-
Target
5cf3124431d3fdad46c21908953cf5b97db7c088621efc5493e698c67a253d00.exe
-
Size
73KB
-
MD5
563b79cee8188b4a7ab5a6d085f3a8c8
-
SHA1
5092692b9201bc95dbadbc75f2a5613d444de5ea
-
SHA256
5cf3124431d3fdad46c21908953cf5b97db7c088621efc5493e698c67a253d00
-
SHA512
18b6d5fc898ae6b7fca89ee68933788781c0592092530e9baf64989d38cf09df15647cbd12e4ca106b7150df9ee13e73a90c10753c6c01ef6d6e007bfe84d703
-
SSDEEP
768:rRpVpeRNuSJ7NWfZFfaLXO169q5VvHZ3m11aepXl5TRTbj37r49JsFNltX1Qb:rRt60+c/iLe16AFHZL65TRHL7r+M1Qb
Score
8/10
Malware Config
Signatures
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\5cf3124431d3fdad46c21908953cf5b97db7c088621efc5493e698c67a253d00.exe"C:\Users\Admin\AppData\Local\Temp\5cf3124431d3fdad46c21908953cf5b97db7c088621efc5493e698c67a253d00.exe"1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1188-54-0x00000000767C1000-0x00000000767C3000-memory.dmpFilesize
8KB
-
memory/1188-55-0x0000000000400000-0x0000000000416000-memory.dmpFilesize
88KB
-
memory/1188-56-0x0000000000400000-0x0000000000416000-memory.dmpFilesize
88KB
-
memory/1188-57-0x0000000000400000-0x0000000000416000-memory.dmpFilesize
88KB