0a4f4dfce14476f46d441eac6f42aaad4c583f68aef91611779f18a2c3ca37f4

Analysis

max time kernel
141s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
21/10/2023, 07:53

Target

0a4f4dfce14476f46d441eac6f42aaad4c583f68aef91611779f18a2c3ca37f4.exe
Size

1.6MB
MD5

f6ddf2a24b99ace4196a555b0e50a382
SHA1

bde63276f70a1528d02d5788249c2124a78372cf
SHA256

0a4f4dfce14476f46d441eac6f42aaad4c583f68aef91611779f18a2c3ca37f4
SHA512

475e8a9bbc8bff5afcf387507fb14cf81b739458fb4c9b9a3d585fd9397f7b2aa9dfe47dd95c3208e6feef096b184da0158f318787f8df981a5e55e4d24e8d04
SSDEEP

24576:++bBVxl8JCPgCHv8yDROiSt470Vv07bfV76F3dZDa3Cb2byC39bnakLwyhg:BYSgCHv8y9SecF3dtaSCrLI

Score

5^/10

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

pid	Process
568	0a4f4dfce14476f46d441eac6f42aaad4c583f68aef91611779f18a2c3ca37f4.exe

C:\Users\Admin\AppData\Local\Temp\0a4f4dfce14476f46d441eac6f42aaad4c583f68aef91611779f18a2c3ca37f4.exe
"C:\Users\Admin\AppData\Local\Temp\0a4f4dfce14476f46d441eac6f42aaad4c583f68aef91611779f18a2c3ca37f4.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
PID:568

memory/568-0-0x0000000000400000-0x00000000005E9000-memory.dmp

Filesize
1.9MB

Download
memory/568-1-0x0000000002780000-0x0000000002862000-memory.dmp

Filesize
904KB

Download
memory/568-2-0x0000000000400000-0x00000000005E9000-memory.dmp

Filesize
1.9MB

Download
memory/568-3-0x0000000002780000-0x0000000002862000-memory.dmp

Filesize
904KB

Download