Analysis
- max time kernel: 140s
- max time network: 127s
- platform: windows7_x64
- resource: win7-20230712-en
- resource tags: arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
- submitted: 31-08-2023 21:55
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
e651dc7b5e731060450fc622bb3bbd3a3ffcfd0107d0991711a028fdea2a4fcf.exe
Resource
win7-20230712-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
e651dc7b5e731060450fc622bb3bbd3a3ffcfd0107d0991711a028fdea2a4fcf.exe
Resource
win10v2004-20230831-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
e651dc7b5e731060450fc622bb3bbd3a3ffcfd0107d0991711a028fdea2a4fcf.exe
-
Size
3.4MB
-
MD5
6adeb4fdc9b2b85594bb71da841d9136
-
SHA1
1d9c9567cb2921f0ec39051b96f16bf74aa8026d
-
SHA256
e651dc7b5e731060450fc622bb3bbd3a3ffcfd0107d0991711a028fdea2a4fcf
-
SHA512
163635f788023d6d406f12ec72c3688342ed416a9859c7207838a62665bf593384e8d4a6da4fd59a493cb0ad576c5062937a0fa1ca5685b129f690daf98a2959
-
SSDEEP
98304:f8Aqg/7VbbD2+fFYNT4tiyqefuC+8M4DTfQ:0xghTYdGiybfC8lDTo
Score
5/10
Malware Config
Signatures
- Suspicious use of NtSetInformationThreadHideFromDebugger (1 IoCs)
  pid 2388, process e651dc7b5e731060450fc622bb3bbd3a3ffcfd0107d0991711a028fdea2a4fcf.exe
- Suspicious use of SetWindowsHookEx (1 IoCs)
  pid 2388, process e651dc7b5e731060450fc622bb3bbd3a3ffcfd0107d0991711a028fdea2a4fcf.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\e651dc7b5e731060450fc622bb3bbd3a3ffcfd0107d0991711a028fdea2a4fcf.exe
  "C:\Users\Admin\AppData\Local\Temp\e651dc7b5e731060450fc622bb3bbd3a3ffcfd0107d0991711a028fdea2a4fcf.exe"
  PID: 2388
  - Suspicious use of NtSetInformationThreadHideFromDebugger
  - Suspicious use of SetWindowsHookEx