Overview

overview

5

Static

static

3

c8fdd7036d...de.exe

windows7-x64

5

c8fdd7036d...de.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-09-2023 02:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c8fdd7036d15e6170b3640c7a9f933665682f4324d217ffa3885268db33988de.exe

  • Size

    4.5MB

  • MD5

    ed694327f702a860fbd0520dcb997e48

  • SHA1

    f14c44e928ca5c458554fc00e3f470b2ae2c9df2

  • SHA256

    c8fdd7036d15e6170b3640c7a9f933665682f4324d217ffa3885268db33988de

  • SHA512

    4e917ed9baa92e24f0a911fd5cdb08b81003f8791040a1da358a44b7727bcc58d256226c666c48c1d40e32c27bee2641da47b9c507882cf6f75a36fb65cf70cb

  • SSDEEP

    49152:yLDkJC5RU0fcJaouCZ4JXUOpDV5gFN//GVDQeZc6Z/jWwdRC02m:eoYbU7NhKJXxVC/AQGcSbLmm

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 64 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c8fdd7036d15e6170b3640c7a9f933665682f4324d217ffa3885268db33988de.exe
    "C:\Users\Admin\AppData\Local\Temp\c8fdd7036d15e6170b3640c7a9f933665682f4324d217ffa3885268db33988de.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:2252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2252-0-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-1-0x00000000761D0000-0x00000000763E5000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/2252-3875-0x0000000074ED0000-0x0000000075070000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2252-5884-0x0000000076D90000-0x0000000076E0A000-memory.dmp

    Filesize

    488KB

    Download

  • memory/2252-13073-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13074-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13075-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13076-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13077-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13078-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13079-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13080-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13081-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13082-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13083-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13084-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13085-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download

  • memory/2252-13086-0x0000000000400000-0x000000000087A000-memory.dmp

    Filesize

    4.5MB

    Download