Overview

overview

3

Static

static

3

hypertermi...ns.dll

windows7-x64

1

hypertermi...ns.dll

windows10-2004-x64

1

hypertermi...is.dll

windows7-x64

1

hypertermi...is.dll

windows10-2004-x64

3

hypertermi...rm.dll

windows7-x64

1

hypertermi...rm.dll

windows10-2004-x64

1

hypertermi...rm.exe

windows7-x64

1

hypertermi...rm.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11-10-2023 12:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    hyperterminal/hypertrm.exe

  • Size

    27KB

  • MD5

    e343d8fd33a81412efd19e80994e1019

  • SHA1

    c09227a10e215b40883bb651dc817c66ff53680d

  • SHA256

    111a2de2d916b60ecd53a80b82e395b553248a18eaa8a6e893756a98580f4a21

  • SHA512

    7873eec42cd08d95cd5dccfc95545ba347a585f2910ebd038a64a6e2fe1c90cd6b1c9c52d7b73955296275ee1dd0f2af51b137130ea43ab278e91f7f7ad4d8f3

  • SSDEEP

    384:KLR4JqsYPGyur9idnY89fgIXtee3HX6zUMsgUqjX17E+qu+S2nfPjIREaFgW:8R02G9GnF4NrIMWG5ErjS2HjIREA

Score
1/10

Malware Config

Signatures

  • Modifies registry class 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\hyperterminal\hypertrm.exe
    "C:\Users\Admin\AppData\Local\Temp\hyperterminal\hypertrm.exe"
    1⤵
    • Modifies registry class
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2056

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads