Overview

overview

7

Static

static

HearthCraw...CC.dll

windows7-x64

1

HearthCraw...CC.dll

windows10-2004-x64

1

HearthCraw...ne.dll

windows7-x64

1

HearthCraw...ne.dll

windows10-2004-x64

1

HearthCraw...er.exe

windows7-x64

5

HearthCraw...er.exe

windows10-2004-x64

3

HearthCraw...nt.exe

windows7-x64

1

HearthCraw...nt.exe

windows10-2004-x64

1

HearthCraw...nt.dll

windows7-x64

1

HearthCraw...nt.dll

windows10-2004-x64

1

HearthCraw...er.exe

windows7-x64

5

HearthCraw...er.exe

windows10-2004-x64

HearthCraw...re.dll

windows7-x64

3

HearthCraw...re.dll

windows10-2004-x64

3

HearthCraw...ui.dll

windows7-x64

3

HearthCraw...ui.dll

windows10-2004-x64

3

HearthCraw...rk.dll

windows7-x64

3

HearthCraw...rk.dll

windows10-2004-x64

3

HearthCraw...ts.dll

windows7-x64

3

HearthCraw...ts.dll

windows10-2004-x64

3

HearthCraw...er.exe

windows7-x64

3

HearthCraw...er.exe

windows10-2004-x64

3

HearthCraw...52.dll

windows7-x64

3

HearthCraw...52.dll

windows10-2004-x64

3

HearthCraw...52.dll

windows7-x64

3

HearthCraw...52.dll

windows10-2004-x64

3

HearthCraw...52.dll

windows7-x64

1

HearthCraw...52.dll

windows10-2004-x64

1

HearthCraw...if.dll

windows7-x64

1

HearthCraw...if.dll

windows10-2004-x64

1

HearthCraw...32.dll

windows7-x64

1

HearthCraw...32.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    213s
  • max time network
    196s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    25-11-2022 19:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HearthCrawler_R30_10/HearthLoader.exe

  • Size

    786KB

  • MD5

    d21d67fb5aa4e035447fb215b6da6872

  • SHA1

    1445ea78eb0cd609ae8616091595b6ed8114e82d

  • SHA256

    7d8a7c512f7b2c4d4d9d16dfd5c5c2187c03bfcc3eaa07c0bad88e675af56865

  • SHA512

    098b81f5eaa94aa1a9166f3c75c7926a5def6c7e426b675e8459d92651e4d890ab76d4bd8f7d05b42c22f02ab9f0acce19bb10dd3c79df431c6e8e13913755a4

  • SSDEEP

    24576:lxU15RuD+6MFFxoKj7uUY/FMpM73BYY8Q3awotl:l4RuS6MFAe7G9MpY3l1Kwol

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 64 IoCs
  • Enumerates system info in registry 2 TTPs 2 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\HearthCrawler_R30_10\HearthLoader.exe
    "C:\Users\Admin\AppData\Local\Temp\HearthCrawler_R30_10\HearthLoader.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Enumerates system info in registry
    • Suspicious use of WriteProcessMemory
    PID:996
    • C:\Users\Admin\AppData\Local\Temp\HearthCrawler_R30_10\Hearthcrawler.exe
      "Hearthcrawler.exe"
      2⤵
        PID:928

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/928-4323-0x0000000000000000-mapping.dmp
      Download
    • memory/928-4325-0x0000000000400000-0x00000000004FC000-memory.dmp
      Filesize

      1008KB

      Download
    • memory/996-54-0x0000000000400000-0x00000000004D5000-memory.dmp
      Filesize

      852KB

      Download
    • memory/996-55-0x00000000751A1000-0x00000000751A3000-memory.dmp
      Filesize

      8KB

      Download
    • memory/996-57-0x0000000076220000-0x0000000076267000-memory.dmp
      Filesize

      284KB

      Download
    • memory/996-464-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-465-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-466-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-468-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-469-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-470-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-471-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-472-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-467-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-474-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-475-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-473-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-477-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-478-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-479-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-476-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-481-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-482-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-483-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-484-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-480-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-485-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-486-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-487-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-488-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-489-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-490-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-491-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-493-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-494-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-495-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-492-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-497-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-498-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-499-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-500-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-496-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-502-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-503-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-501-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-505-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-506-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-504-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-507-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-508-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-509-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-510-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-511-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-513-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-512-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-514-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-516-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-517-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-515-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-519-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-520-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-521-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-518-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-522-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-523-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-524-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-525-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-1332-0x0000000001C70000-0x0000000001D70000-memory.dmp
      Filesize

      1024KB

      Download
    • memory/996-1333-0x0000000001EF0000-0x0000000002071000-memory.dmp
      Filesize

      1.5MB

      Download
    • memory/996-1670-0x0000000001C70000-0x0000000001D70000-memory.dmp
      Filesize

      1024KB

      Download
    • memory/996-4319-0x0000000002080000-0x0000000002191000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/996-4320-0x00000000021A0000-0x00000000022A1000-memory.dmp
      Filesize

      1.0MB

      Download
    • memory/996-4321-0x00000000022B0000-0x0000000002351000-memory.dmp
      Filesize

      644KB

      Download
    • memory/996-4322-0x0000000000400000-0x00000000004D5000-memory.dmp
      Filesize

      852KB

      Download
    • memory/996-4324-0x0000000002960000-0x0000000002A5C000-memory.dmp
      Filesize

      1008KB

      Download
    • memory/996-4326-0x0000000000400000-0x00000000004D5000-memory.dmp
      Filesize

      852KB

      Download