Overview

overview

5

Static

static

3

3280406eff...b6.exe

windows7-x64

5

3280406eff...b6.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    162s
  • max time network
    175s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/10/2023, 16:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3280406effc785d745c65627ed22aaab498958d34c93b845def6f3f768bca5b6.exe

  • Size

    1.7MB

  • MD5

    785564cc488b805749b236a81a841de2

  • SHA1

    3647a45178c7a55b88a820b15bda42325ab4309b

  • SHA256

    3280406effc785d745c65627ed22aaab498958d34c93b845def6f3f768bca5b6

  • SHA512

    391b522f052955f22a6c2777437b7c922c73a4aef76972e243e8300109540df7ab58f12dcb6898e416b89a48d68de6b94f65f0982c9610c1b9233f28544e7d6b

  • SSDEEP

    24576:9/XKGCxtnw+nRGbMg/cxb8h4vhGNRSniumOIueFeAamGCS/GcZc2rj+CrtjeQM:RKGCFnRGbP/a88iuVFd/r3nI

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 29 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3280406effc785d745c65627ed22aaab498958d34c93b845def6f3f768bca5b6.exe
    "C:\Users\Admin\AppData\Local\Temp\3280406effc785d745c65627ed22aaab498958d34c93b845def6f3f768bca5b6.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: RenamesItself
    • Suspicious use of SetWindowsHookEx
    PID:4476

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4476-0-0x0000000000400000-0x00000000006C0000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4476-1-0x0000000075080000-0x0000000075295000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/4476-3875-0x00000000755E0000-0x0000000075780000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4476-5884-0x0000000076AA0000-0x0000000076B1A000-memory.dmp

    Filesize

    488KB

    Download

  • memory/4476-13069-0x0000000000400000-0x00000000006C0000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4476-13070-0x0000000000400000-0x00000000006C0000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4476-13071-0x0000000000400000-0x00000000006C0000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4476-13072-0x0000000000400000-0x00000000006C0000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4476-13074-0x0000000000400000-0x00000000006C0000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4476-13075-0x0000000000400000-0x00000000006C0000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4476-13076-0x0000000000400000-0x00000000006C0000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4476-13077-0x0000000010000000-0x0000000010009000-memory.dmp

    Filesize

    36KB

    Download

  • memory/4476-13080-0x0000000000400000-0x00000000006C0000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4476-13081-0x0000000000400000-0x00000000006C0000-memory.dmp

    Filesize

    2.8MB

    Download