Overview

overview

5

Static

static

3

646706d58a...5c.exe

windows7-x64

5

646706d58a...5c.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    08-10-2023 14:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    646706d58a2638863e575d4fe811cc7a8ffa0bb9c2952116daaae6ac625daf5c.exe

  • Size

    2.8MB

  • MD5

    40d4b0d0631ea07db19a89eb6e234ade

  • SHA1

    aead9585cc58b74a8dc710e0863aaeedf80acd26

  • SHA256

    646706d58a2638863e575d4fe811cc7a8ffa0bb9c2952116daaae6ac625daf5c

  • SHA512

    f4a2a185e74e578b1485bf9e3d8cfb63f1ea53d22f13fdf1c6594ebed7b512974b448447259ad973ab11844035b98abb8afdb0872dee7a033f1cc6cb58334b41

  • SSDEEP

    49152:gRsTP/1H9KuRlikznsqLIfskf8grEKlWu6cF3dtaSCrL5:5TneuXikz5Mfsk2W9T3dYr

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\646706d58a2638863e575d4fe811cc7a8ffa0bb9c2952116daaae6ac625daf5c.exe
    "C:\Users\Admin\AppData\Local\Temp\646706d58a2638863e575d4fe811cc7a8ffa0bb9c2952116daaae6ac625daf5c.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:2708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2708-0-0x0000000000400000-0x00000000007B7000-memory.dmp

    Filesize

    3.7MB

    Download

  • memory/2708-1-0x0000000002430000-0x0000000002512000-memory.dmp

    Filesize

    904KB

    Download

  • memory/2708-2-0x0000000000400000-0x00000000007B7000-memory.dmp

    Filesize

    3.7MB

    Download

  • memory/2708-3-0x0000000002430000-0x0000000002512000-memory.dmp

    Filesize

    904KB

    Download