Overview

overview

7

Static

static

7

Privoxy.exe

windows7-x64

7

Privoxy.exe

windows10-2004-x64

7

x64/NTT.exe

windows7-x64

1

x64/NTT.exe

windows10-2004-x64

1

x64/NetchCore.dll

windows7-x64

1

x64/NetchCore.dll

windows10-2004-x64

1

x64/ShadowsocksR.exe

windows7-x64

1

x64/ShadowsocksR.exe

windows10-2004-x64

1

x64/Win-10.sys

windows7-x64

1

x64/Win-10.sys

windows10-2004-x64

1

x64/Win-7.sys

windows7-x64

1

x64/Win-7.sys

windows10-2004-x64

1

x64/Win-8.sys

windows7-x64

1

x64/Win-8.sys

windows10-2004-x64

1

x64/ck-client.exe

windows7-x64

x64/ck-client.exe

windows10-2004-x64

x64/dns2tcp.exe

windows7-x64

1

x64/dns2tcp.exe

windows10-2004-x64

1

x64/nfapi.dll

windows7-x64

1

x64/nfapi.dll

windows10-2004-x64

1

x64/nfapinet.dll

windows7-x64

7

x64/nfapinet.dll

windows10-2004-x64

7

x64/sysproxy.dll

windows7-x64

1

x64/sysproxy.dll

windows10-2004-x64

1

x64/tap-dr...ll.bat

windows7-x64

5

x64/tap-dr...ll.bat

windows10-2004-x64

5

x64/tap-dr...01.sys

windows7-x64

1

x64/tap-dr...01.sys

windows10-2004-x64

1

x64/tap-dr...ll.exe

windows7-x64

1

x64/tap-dr...ll.exe

windows10-2004-x64

1

x64/tun2socks.exe

windows7-x64

1

x64/tun2socks.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/10/2023, 12:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    x64/NTT.exe

  • Size

    16KB

  • MD5

    ac246b067be65f9cbb00fa564d585001

  • SHA1

    5e7009d58b83d2cc84e5628047be5e51ce3b52cd

  • SHA256

    4153a68be4b76e8a970ff23fcea52ef07378b676ec03380f32270d00c8bacefa

  • SHA512

    551f0d1528c7549cff3fe2833f385e22f46e87c8af6d0a44ba073824a1c04133a294e53edec2ae53a6d976d1c7af38288f73a2cf29c590f951b43dcc38cbae8c

  • SSDEEP

    192:RbTkzPlzLTWR0XFNF4eIGZw4yIbRnaklSb9a2mFSpwb3IsRS2LHfEbxVpUK5IeUa:dAxaWbpFlSb9aRQ+b3bRpMWKfUm8

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\x64\NTT.exe
    "C:\Users\Admin\AppData\Local\Temp\x64\NTT.exe"
    1⤵
      PID:3364

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/3364-0-0x0000026510AF0000-0x0000026510AFA000-memory.dmp

            Filesize

            40KB

            Download

          • memory/3364-1-0x00007FFDCEE50000-0x00007FFDCF911000-memory.dmp

            Filesize

            10.8MB

            Download

          • memory/3364-2-0x000002652B130000-0x000002652B140000-memory.dmp

            Filesize

            64KB

            Download

          • memory/3364-4-0x00007FFDCEE50000-0x00007FFDCF911000-memory.dmp

            Filesize

            10.8MB

            Download