8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
12/10/2023, 13:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53.exe
Size

812KB
MD5

783263a5157b9d5cb70335625e0d5450
SHA1

e42497fdd47c2b5a76465df12ff257c17c9882e0
SHA256

8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53
SHA512

137d01b3e7f7d9943b9bedde4fec555d0ec9e5f91c9d49eaf69d3bcc959fb27342a5a0d4864ab12e1b0efbae7971e5b6a6ee307e61545e0fe7b6ede6f6b1988b
SSDEEP

12288:9qmytVdB0rPEDb3kCoI641jxy7GHEX2rnAv8MktrOKxp22CMOZ/1Sq:9qxtVfNDb31oT41+aneOrO4p2zMOZ/V

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2268	1B0F0F0C120D156E155A15C0E0A160E0F160D.exe

Loads dropped DLL 2 IoCs

pid	Process
2324	8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53.exe
2324	8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53.exe

Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

pid	Process
2324	8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53.exe
2268	1B0F0F0C120D156E155A15C0E0A160E0F160D.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2324 wrote to memory of 2268	2324	8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53.exe	28
PID 2324 wrote to memory of 2268	2324	8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53.exe	28
PID 2324 wrote to memory of 2268	2324	8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53.exe	28
PID 2324 wrote to memory of 2268	2324	8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53.exe	28

C:\Users\Admin\AppData\Local\Temp\8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53.exe
"C:\Users\Admin\AppData\Local\Temp\8ccc7f360a61a4529ec4463e67257fb045425e72db6cb01ed438646ae82d1b53.exe"
1⤵
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of WriteProcessMemory
PID:2324
- C:\Users\Admin\AppData\Local\Temp\1B0F0F0C120D156E155A15C0E0A160E0F160D.exe
  C:\Users\Admin\AppData\Local\Temp\1B0F0F0C120D156E155A15C0E0A160E0F160D.exe
  2⤵
  - Executes dropped EXE
  - Suspicious use of NtSetInformationThreadHideFromDebugger
  PID:2268

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\1B0F0F0C120D156E155A15C0E0A160E0F160D.exe

Filesize
812KB

MD5
9c5158b2c4fb61fa8cdf81df68413d8c

SHA1
24300da4e142fa946e5025a176687470f72050c1

SHA256
b6b331a3aee4cd38b87a0f9ef81fbac61c469b473ff5b3a156f87c2d589e5861

SHA512
37470dd1850490aa5aff1c368ad91d9754fa29d3d572f9ba7b284a476219f90b4df9eea2cb1cb809a26af12a0d30464cf19402bf523dd48aef0b2e05446a4018

Download Submit
C:\Users\Admin\AppData\Local\Temp\1B0F0F0C120D156E155A15C0E0A160E0F160D.exe

Filesize
812KB

MD5
9c5158b2c4fb61fa8cdf81df68413d8c

SHA1
24300da4e142fa946e5025a176687470f72050c1

SHA256
b6b331a3aee4cd38b87a0f9ef81fbac61c469b473ff5b3a156f87c2d589e5861

SHA512
37470dd1850490aa5aff1c368ad91d9754fa29d3d572f9ba7b284a476219f90b4df9eea2cb1cb809a26af12a0d30464cf19402bf523dd48aef0b2e05446a4018

Download Submit
\Users\Admin\AppData\Local\Temp\1B0F0F0C120D156E155A15C0E0A160E0F160D.exe

Filesize
812KB

MD5
9c5158b2c4fb61fa8cdf81df68413d8c

SHA1
24300da4e142fa946e5025a176687470f72050c1

SHA256
b6b331a3aee4cd38b87a0f9ef81fbac61c469b473ff5b3a156f87c2d589e5861

SHA512
37470dd1850490aa5aff1c368ad91d9754fa29d3d572f9ba7b284a476219f90b4df9eea2cb1cb809a26af12a0d30464cf19402bf523dd48aef0b2e05446a4018

Download Submit
\Users\Admin\AppData\Local\Temp\1B0F0F0C120D156E155A15C0E0A160E0F160D.exe

Filesize
812KB

MD5
9c5158b2c4fb61fa8cdf81df68413d8c

SHA1
24300da4e142fa946e5025a176687470f72050c1

SHA256
b6b331a3aee4cd38b87a0f9ef81fbac61c469b473ff5b3a156f87c2d589e5861

SHA512
37470dd1850490aa5aff1c368ad91d9754fa29d3d572f9ba7b284a476219f90b4df9eea2cb1cb809a26af12a0d30464cf19402bf523dd48aef0b2e05446a4018

Download Submit
memory/2268-12-0x0000000000400000-0x00000000005AB000-memory.dmp

Filesize
1.7MB

Download
memory/2268-14-0x0000000000400000-0x00000000005AB000-memory.dmp

Filesize
1.7MB

Download
memory/2268-15-0x0000000000400000-0x00000000005AB000-memory.dmp

Filesize
1.7MB

Download
memory/2324-0-0x0000000000400000-0x00000000005AB000-memory.dmp

Filesize
1.7MB

Download
memory/2324-1-0x0000000000400000-0x00000000005AB000-memory.dmp

Filesize
1.7MB

Download
memory/2324-10-0x0000000000400000-0x00000000005AB000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads