1c388a8bd8a2f14fb270c3bcd6ef475f7536f1dd6412f0e91746c054d15db58d | Triage

Analysis

max time kernel
18s
max time network
90s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
27/11/2022, 21:55 UTC

Sharing

Report Analysis Logs

General

Target

Ծע/Ծע.exe
Size

1.0MB
MD5

5f412e1b19f61d35b8336cdc36b14afb
SHA1

b8344251375eb99a418da4f66fa0f5eff043d9e8
SHA256

480049fe1260a294b4bf2b543000225f450916445ae262c1cb8c757eae1fb97e
SHA512

59747fe74a295a2f29fa77ff7717fe9b11d0c11a124726d902c72bf4041509db2ff0c881e8d1ff1af8f7e9704acf5d978f7736ebcee84b971178261c955955b4
SSDEEP

24576:4ZLoBawNdGtpxn8qUkujNPJXlIdifmF7ktgUQ6:zjNstplUkulJ0iK7Tb6

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

pid	Process
1752	Ծע.exe

C:\Users\Admin\AppData\Local\Temp\Ծע\Ծע.exe
"C:\Users\Admin\AppData\Local\Temp\Ծע\Ծע.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
PID:1752

Network

No results found

204.79.197.200:443

40 B
1
204.79.197.200:443

40 B
1

No results found

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1752-54-0x0000000000400000-0x000000000062B000-memory.dmp

Filesize
2.2MB

Download
memory/1752-55-0x0000000000400000-0x000000000062B000-memory.dmp

Filesize
2.2MB

Download