Overview

overview

5

Static

static

3

b618e1b147...35.exe

windows7-x64

5

b618e1b147...35.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    152s
  • max time network
    161s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/10/2023, 05:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b618e1b147cb86ce4577fbb93159a735.exe

  • Size

    42.0MB

  • MD5

    b618e1b147cb86ce4577fbb93159a735

  • SHA1

    614c225e955ef5be22d1634f0d0076ac43fde6bc

  • SHA256

    8e315742187129ef3f131b4f85463528bce1ad3786cc82878c74f0713f0952b3

  • SHA512

    81b458870b29ac967b5b7b3cca427a655f66582b2f6ffac482c08592c1f82614aa5a318d0be4be822a580679413b325f153bccc8bdc450641da095e2b5695082

  • SSDEEP

    786432:yNBX/wt7nsP5vDU0ViaasnRLZoIF80XC4KktY6BIK//Z4aOx2RWavT:yb/8sBA0faKLWIFnRYY/x4

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b618e1b147cb86ce4577fbb93159a735.exe
    "C:\Users\Admin\AppData\Local\Temp\b618e1b147cb86ce4577fbb93159a735.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2100-1-0x0000000006C90000-0x0000000006C91000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-2-0x0000000006D40000-0x0000000006D41000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-3-0x0000000006D50000-0x0000000006D51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-4-0x0000000006D60000-0x0000000006D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-5-0x0000000007260000-0x0000000007261000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-6-0x0000000007270000-0x0000000007271000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-7-0x0000000008B30000-0x0000000008B31000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-8-0x0000000008B40000-0x0000000008B41000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-9-0x0000000000400000-0x0000000001400000-memory.dmp

    Filesize

    16.0MB

    Download

  • memory/2100-11-0x0000000008CE0000-0x0000000008CE1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-13-0x00000000091B0000-0x00000000091B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-12-0x0000000009190000-0x0000000009191000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-14-0x000000000ABA0000-0x000000000ABA1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-15-0x0000000008CE0000-0x0000000008CE1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2100-16-0x000000000ABA0000-0x000000000ABA1000-memory.dmp

    Filesize

    4KB

    Download