Overview

overview

5

Static

static

3

5f18854ea3...8a.exe

windows7-x64

5

5f18854ea3...8a.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    28-08-2023 12:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5f18854ea35271694382dd578c683ccac8b2efae2b9f82e952c3b42612b8c18a.exe

  • Size

    5.6MB

  • MD5

    3485d0de3358b3243af2480456414030

  • SHA1

    6525b17651cdea18f991167797c57684eee15a15

  • SHA256

    5f18854ea35271694382dd578c683ccac8b2efae2b9f82e952c3b42612b8c18a

  • SHA512

    5799956d829cffeb43ec202f9fb34c3dd9f0675a5657c6b5626e6c4d9b61110f81dfec38cd9856577c964db06a59605168f873bf82b0a31b45bfe3bdd7a4cf70

  • SSDEEP

    98304:+Mi4hD9aW36MFaKpQtDKB48X760Ss0HWtni9Jbwkk7XXIB6T72vjQUt2lWrBY158:CEDoW3WUyHair2QXbwk4XnfSnt2lJei6

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5f18854ea35271694382dd578c683ccac8b2efae2b9f82e952c3b42612b8c18a.exe
    "C:\Users\Admin\AppData\Local\Temp\5f18854ea35271694382dd578c683ccac8b2efae2b9f82e952c3b42612b8c18a.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:1188

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1188-0-0x0000000000400000-0x00000000017A5000-memory.dmp

    Filesize

    19.6MB

    Download

  • memory/1188-1-0x0000000077C40000-0x0000000077C42000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1188-2-0x0000000000400000-0x00000000017A5000-memory.dmp

    Filesize

    19.6MB

    Download