Overview

overview

5

Static

static

1

S0ftware-2...PC.exe

windows7-x64

5

S0ftware-2...PC.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    138s
  • max time network
    160s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-03-2023 02:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    S0ftware-2O23-PC/Set-Up_PC.exe

  • Size

    733.0MB

  • MD5

    7a2c8484d9ba64fd3978088c4bfa88b3

  • SHA1

    ec486e5a0b3faba51f0f7c9d6e46e5c5988611f2

  • SHA256

    03deb70889a72456c7f410d89b850ffb558e5dac0fa49169242fb31ff4ac88f5

  • SHA512

    a58d2634101168f434af038c63ca84e6a0d54d09a9044cf8387cc46ce9d93eb6d9a9eb9b64d608cd542f5af649a672fb7560b7d4ad99c0e290b9a3d997906a58

  • SSDEEP

    393216:nzExYOtNGjyvfMPPFPeh2qfeSW0xrfDNZ:nzzOtNAaM4ht15fDNZ

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\S0ftware-2O23-PC\Set-Up_PC.exe
    "C:\Users\Admin\AppData\Local\Temp\S0ftware-2O23-PC\Set-Up_PC.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:3500

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3500-133-0x0000000001B40000-0x0000000001B41000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3500-134-0x0000000003990000-0x0000000003991000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3500-135-0x00000000039A0000-0x00000000039A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3500-136-0x00000000039C0000-0x00000000039C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3500-137-0x00000000039D0000-0x00000000039D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3500-138-0x00000000039E0000-0x00000000039E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3500-139-0x00000000039F0000-0x00000000039F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3500-140-0x0000000003A00000-0x0000000003A01000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3500-141-0x0000000000400000-0x0000000001B3D000-memory.dmp

    Filesize

    23.2MB

    Download