Overview

overview

5

Static

static

3

Rogue-main...ET.dll

windows7-x64

1

Rogue-main...ET.dll

windows10-2004-x64

1

Rogue-main/build.dll

windows7-x64

1

Rogue-main/build.dll

windows10-2004-x64

1

Rogue-main...or.exe

windows7-x64

5

Rogue-main...or.exe

windows10-2004-x64

5

Rogue-main...ce.exe

windows7-x64

3

Rogue-main...ce.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-10-2023 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Rogue-main/injector.exe

  • Size

    5.4MB

  • MD5

    bc97697a87579cd2efdf03f9a0926eb2

  • SHA1

    f505384c8b632aea7e5eb8b4f03ef075c67e66f5

  • SHA256

    6b60491abaf6c3238ea7797f304b4ba2da1368006b5ff0f7a840c718f2e6111e

  • SHA512

    1db9e2ee2ea0e683b3a35203455fa7404c164625f76033481649f6fdefecfe4b5ddd622e773dec43edb28d28c23f0013376dd50a247cf1832bd98f137dcc4ce5

  • SSDEEP

    98304:6iWk/dTDTy5WWXMniwwjgMzZoEhr2SjPnvbKPrw1WQk4UpGNVacItymcXSh2:XTDgoiwwjgMNBhrdP+jYWJBedoymcX

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Rogue-main\injector.exe
    "C:\Users\Admin\AppData\Local\Temp\Rogue-main\injector.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:3968

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3968-0-0x00007FF7A19A0000-0x00007FF7A22D1000-memory.dmp

    Filesize

    9.2MB

    Download

  • memory/3968-2-0x00007FFAF0890000-0x00007FFAF0892000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3968-3-0x00007FFAF08A0000-0x00007FFAF08A2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3968-4-0x00007FF7A19A0000-0x00007FF7A22D1000-memory.dmp

    Filesize

    9.2MB

    Download

  • memory/3968-7-0x00007FF7A19A0000-0x00007FF7A22D1000-memory.dmp

    Filesize

    9.2MB

    Download