Overview

overview

5

Static

static

7c2c9a0629...b5.exe

windows7-x64

1

7c2c9a0629...b5.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    179s
  • max time network
    190s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/11/2022, 15:19

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7c2c9a062971e42ec1b8ee3fee189433d0e04519c3492a13935afe9ba37056b5.exe

  • Size

    112KB

  • MD5

    859716fff119e1fdbccd7afd88a6fea1

  • SHA1

    7c1cf716c0d1a1d804af2584103bd80a2d20d89c

  • SHA256

    7c2c9a062971e42ec1b8ee3fee189433d0e04519c3492a13935afe9ba37056b5

  • SHA512

    d30f8e02fbb30327208a1c41489ceaf365b8c6bbcdb08c8a0f8fe16dcf4f2101c39aaa45ad3e022b75f83f71e848f95974769b1bda762765df5866da26093caa

  • SSDEEP

    3072:3R8UN2WjxKTFZYhZyrhwNNhZd/c38+7E1x+Yv:6y2W0TFZYLewNz/c38e2Dv

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7c2c9a062971e42ec1b8ee3fee189433d0e04519c3492a13935afe9ba37056b5.exe
    "C:\Users\Admin\AppData\Local\Temp\7c2c9a062971e42ec1b8ee3fee189433d0e04519c3492a13935afe9ba37056b5.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:860
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 860 -s 276
      2⤵
      • Program crash
      PID:3928
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 860 -ip 860
    1⤵
      PID:2796

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/860-132-0x0000000000408000-0x000000000041F000-memory.dmp

            Filesize

            92KB

            Download

          • memory/860-133-0x0000000000408000-0x000000000041F000-memory.dmp

            Filesize

            92KB

            Download

          • memory/860-134-0x0000000000400000-0x000000000041E876-memory.dmp

            Filesize

            122KB

            Download

          • memory/860-135-0x0000000000400000-0x000000000041E876-memory.dmp

            Filesize

            122KB

            Download