dc25da4a45453cb00056963251d9655ef79b4ea38229f4bfeb339c18ad75f02e

Analysis

max time kernel
124s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
17/11/2023, 05:18

Target

tmp.exe
Size

3.9MB
MD5

94b8145a8ae4ef701b8e34c382209b16
SHA1

b4813f35d0c8049f9c68cacb5bdd003df1030942
SHA256

dc25da4a45453cb00056963251d9655ef79b4ea38229f4bfeb339c18ad75f02e
SHA512

6da6466a55c5bf0a679c7137081171c1d222f2802ebef4e57ec72b46e381ad72184e9c07d77414ef8046bf21ab3fe63334db82121fd223173b2478e2bc6c8f38
SSDEEP

98304:cNOsDVDhiXQMeKweELtiUkWvncWmnNFyloO6VZd3dRO3:cNOsDVDhLMeteTG9mCOO6VzO

Score

5^/10

Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

pid	Process
844	tmp.exe
844	tmp.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
844	tmp.exe
844	tmp.exe

memory/844-0-0x00007FFE54BD0000-0x00007FFE54BD2000-memory.dmp

Filesize
8KB

Download
memory/844-1-0x00007FFE54BE0000-0x00007FFE54BE2000-memory.dmp

Filesize
8KB

Download
memory/844-2-0x0000000140000000-0x0000000140980000-memory.dmp

Filesize
9.5MB

Download
memory/844-3-0x0000000140000000-0x0000000140980000-memory.dmp

Filesize
9.5MB

Download
memory/844-7-0x0000000140000000-0x0000000140980000-memory.dmp

Filesize
9.5MB

Download