Overview

overview

5

Static

static

3

bb6402cc5d...29.exe

windows7-x64

5

bb6402cc5d...29.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    150s
  • max time network
    136s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-10-2023 17:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bb6402cc5d918b75fc87668a07e03984b524a25997aa58cca53f6bc12364b329.exe

  • Size

    3.3MB

  • MD5

    2829a627d39951c953d1398e35c936f0

  • SHA1

    e754de28479ff17bb89a5fb09059c8b70127fcc8

  • SHA256

    bb6402cc5d918b75fc87668a07e03984b524a25997aa58cca53f6bc12364b329

  • SHA512

    f96936e35830e76f990d66ff8879372de7627ebb6b748525a490adc55e3bb3d94154ce40e2b646fcf5e23e2bc0e0b76087b1fcf97b4e21f49af9ca01c44e215f

  • SSDEEP

    49152:yn+zAOsJEhSYaxzRwCe6U71aJaP/7Fp8L3dInmSSWOpMuCmq5HXyittdHL:y+7oEhSnPneR71uaPKImSMpMZmyXxtRL

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bb6402cc5d918b75fc87668a07e03984b524a25997aa58cca53f6bc12364b329.exe
    "C:\Users\Admin\AppData\Local\Temp\bb6402cc5d918b75fc87668a07e03984b524a25997aa58cca53f6bc12364b329.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:3304

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3304-0-0x0000000000400000-0x000000000081A000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/3304-1-0x00000000771E0000-0x00000000773F5000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/3304-3875-0x0000000075D50000-0x0000000075EF0000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3304-5884-0x00000000775B0000-0x000000007762A000-memory.dmp

    Filesize

    488KB

    Download

  • memory/3304-13069-0x0000000000400000-0x000000000081A000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/3304-13070-0x0000000000400000-0x000000000081A000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/3304-13071-0x0000000000400000-0x000000000081A000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/3304-13072-0x0000000000400000-0x000000000081A000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/3304-13074-0x0000000000400000-0x000000000081A000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/3304-13075-0x0000000000400000-0x000000000081A000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/3304-13076-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3304-13077-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3304-13078-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3304-13079-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3304-13080-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3304-13081-0x0000000000400000-0x000000000081A000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/3304-13082-0x0000000000400000-0x000000000081A000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/3304-13084-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3304-13083-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3304-13085-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3304-13086-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

    Filesize

    4KB

    Download