Overview

overview

5

Static

static

fa61a88505...80.exe

windows7-x64

5

fa61a88505...80.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    139s
  • max time network
    181s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/12/2022, 07:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fa61a88505e5dc71e4d5fc9b434bb080380f3e64cd3506a9f8afa0979b2ed780.exe

  • Size

    1.2MB

  • MD5

    8115e24be5b5f82c0b828160f3a4ef31

  • SHA1

    4c6c9957a6a208f86e125cbc2924033b7e6dc7ba

  • SHA256

    fa61a88505e5dc71e4d5fc9b434bb080380f3e64cd3506a9f8afa0979b2ed780

  • SHA512

    2aa04bdda216f089ea65aad808480241d1207d1b61a90c46cc1826537650557a0b180f7ce440be634f9e5d29d0f0337394a8342115fd71f546063c88e1f3ee64

  • SSDEEP

    12288:/PKTH7wB3Ugez/lBdsTZVt5B4MT0FF9d0xoaAGC8AWVI5yTQDwFQju2UZL6vODT6:/PKTbwBC9sTZVN4p5kQG0dVlIJmjokom

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 36 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fa61a88505e5dc71e4d5fc9b434bb080380f3e64cd3506a9f8afa0979b2ed780.exe
    "C:\Users\Admin\AppData\Local\Temp\fa61a88505e5dc71e4d5fc9b434bb080380f3e64cd3506a9f8afa0979b2ed780.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:3816

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/3816-132-0x0000000077DC0000-0x0000000077F63000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/3816-133-0x0000000077650000-0x0000000077865000-memory.dmp

          Filesize

          2.1MB

          Download

        • memory/3816-134-0x0000000000400000-0x000000000052C000-memory.dmp

          Filesize

          1.2MB

          Download

        • memory/3816-136-0x00000000774B0000-0x0000000077650000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/3816-137-0x0000000077430000-0x00000000774AA000-memory.dmp

          Filesize

          488KB

          Download

        • memory/3816-1483-0x0000000000400000-0x000000000052C000-memory.dmp

          Filesize

          1.2MB

          Download