0a3af6d0d402e4520cb6e88751b24c73893346e99783e00f20aeae8b8f3cff0c

Analysis

max time kernel
161s
max time network
183s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2023, 06:01

Target

0a3af6d0d402e4520cb6e88751b24c73893346e99783e00f20aeae8b8f3cff0c.exe
Size

2.3MB
MD5

1c72896272f092cced79520a3f45741c
SHA1

cf900975b8a99e59b3d02461e986accdeb845977
SHA256

0a3af6d0d402e4520cb6e88751b24c73893346e99783e00f20aeae8b8f3cff0c
SHA512

30cf2030fe16dcda9e5fdd482724fa950228d7197f5122da18be6cca51dc534721a0c7dbc2abb7f6c326738972889b4ff4220a0ae8cf723f5e21d12348be84fc
SSDEEP

49152:vbCtL4fcF3dtaSCrL67I9L0uDYehckrA94J:+tLZ3dYrG7VEYQxJ

Score

5^/10

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

pid	Process
3104	0a3af6d0d402e4520cb6e88751b24c73893346e99783e00f20aeae8b8f3cff0c.exe

C:\Users\Admin\AppData\Local\Temp\0a3af6d0d402e4520cb6e88751b24c73893346e99783e00f20aeae8b8f3cff0c.exe
"C:\Users\Admin\AppData\Local\Temp\0a3af6d0d402e4520cb6e88751b24c73893346e99783e00f20aeae8b8f3cff0c.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
PID:3104

memory/3104-0-0x0000000000400000-0x00000000005DE000-memory.dmp

Filesize
1.9MB

Download
memory/3104-1-0x00000000025F0000-0x00000000026D2000-memory.dmp

Filesize
904KB

Download
memory/3104-2-0x0000000000400000-0x00000000005DE000-memory.dmp

Filesize
1.9MB

Download
memory/3104-3-0x00000000025F0000-0x00000000026D2000-memory.dmp

Filesize
904KB

Download