Overview

overview

5

Static

static

3

3eaaad1ab7...25.exe

windows7-x64

5

3eaaad1ab7...25.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    141s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/09/2023, 02:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3eaaad1ab77d1006975cd064a3638aca4843b68481d9c8b3f9c419495d316125.exe

  • Size

    2.8MB

  • MD5

    4eb8e936c956fdb7f28403d5c6c55e36

  • SHA1

    aa3ab70d625dd697ee81169b92b2c4cdf405803d

  • SHA256

    3eaaad1ab77d1006975cd064a3638aca4843b68481d9c8b3f9c419495d316125

  • SHA512

    7ad84a34d66fd41b3420bdb90127513a70a60bb67415cd961b3a15002467dc6bba400d3fd2bdec01890f00e3b911b5fef910bbc6f3f3d04ce7afdd663f0bc514

  • SSDEEP

    49152:5gNxiqlv9cPRGJkL/3XoLH7vXQH5KPQWRS/AqkIzhoZv5/gdyf+3UU5:5GXhqckLQHjUK48S/S95/gdyf+3d

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3eaaad1ab77d1006975cd064a3638aca4843b68481d9c8b3f9c419495d316125.exe
    "C:\Users\Admin\AppData\Local\Temp\3eaaad1ab77d1006975cd064a3638aca4843b68481d9c8b3f9c419495d316125.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:4456

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4456-0-0x0000000000400000-0x0000000000E9D000-memory.dmp

    Filesize

    10.6MB

    Download

  • memory/4456-1-0x000000007FA70000-0x000000007FE41000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/4456-8-0x0000000000400000-0x0000000000E9D000-memory.dmp

    Filesize

    10.6MB

    Download

  • memory/4456-10-0x000000007FA70000-0x000000007FE41000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/4456-16-0x0000000000400000-0x0000000000E9D000-memory.dmp

    Filesize

    10.6MB

    Download