920841766c2da541592a0ae874c8528cdb6b3009b5f1873c4d19bacbb116ac40

Analysis

max time kernel
150s
max time network
157s
platform
windows10-1703_x64
resource
win10-20231025-en
resource tags

arch:x64arch:x86image:win10-20231025-enlocale:en-usos:windows10-1703-x64system
submitted
21/11/2023, 17:14

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

DeadCodeLauncher.exe
Size

9.0MB
MD5

ac8388a792b0401fd6621e760f4c7794
SHA1

47c13ebdb00cbb8e0ec71c5b0a6070accc2293c0
SHA256

920841766c2da541592a0ae874c8528cdb6b3009b5f1873c4d19bacbb116ac40
SHA512

51596efeefd0a877d35783a68d389c7e498e26684c2e4bc49045a4a2644c3f7b8561a7593e030a750b86b1dc1c1a038c2a17080ffb1510afa25a78304c51f321
SSDEEP

196608:eewLDETe6rklPsowwaEAIrpOZOu83ifnZfBZQHwKP6pFbOpaC:92gxASg1h1Owu83iflBZSwKAFbO8C

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

pid	Process
4228	DeadCodeLauncher.exe
4228	DeadCodeLauncher.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4228	DeadCodeLauncher.exe
4228	DeadCodeLauncher.exe
4228	DeadCodeLauncher.exe
4228	DeadCodeLauncher.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4228	DeadCodeLauncher.exe

C:\Users\Admin\AppData\Local\Temp\DeadCodeLauncher.exe
"C:\Users\Admin\AppData\Local\Temp\DeadCodeLauncher.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
PID:4228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4228-1-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-3-0x00000000004E0000-0x000000000052E000-memory.dmp

Filesize
312KB

Download
memory/4228-2-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-4-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-5-0x00000000004E0000-0x000000000052E000-memory.dmp

Filesize
312KB

Download
memory/4228-9-0x00007FF99CF30000-0x00007FF99CF32000-memory.dmp

Filesize
8KB

Download
memory/4228-10-0x00007FF99CF40000-0x00007FF99CF42000-memory.dmp

Filesize
8KB

Download
memory/4228-12-0x00007FF99CF60000-0x00007FF99CF62000-memory.dmp

Filesize
8KB

Download
memory/4228-13-0x00007FF99CF70000-0x00007FF99CF72000-memory.dmp

Filesize
8KB

Download
memory/4228-14-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-15-0x00007FF99CF80000-0x00007FF99CF82000-memory.dmp

Filesize
8KB

Download
memory/4228-16-0x00007FF99CF90000-0x00007FF99CF92000-memory.dmp

Filesize
8KB

Download
memory/4228-11-0x00007FF99CF50000-0x00007FF99CF52000-memory.dmp

Filesize
8KB

Download
memory/4228-17-0x00007FF99CFA0000-0x00007FF99CFA2000-memory.dmp

Filesize
8KB

Download
memory/4228-18-0x00007FF99CFB0000-0x00007FF99CFB2000-memory.dmp

Filesize
8KB

Download
memory/4228-19-0x00007FF99CFC0000-0x00007FF99CFC2000-memory.dmp

Filesize
8KB

Download
memory/4228-20-0x00007FF99CFD0000-0x00007FF99CFD2000-memory.dmp

Filesize
8KB

Download
memory/4228-21-0x00007FF99CFE0000-0x00007FF99CFE2000-memory.dmp

Filesize
8KB

Download
memory/4228-22-0x00007FF99CFF0000-0x00007FF99CFF2000-memory.dmp

Filesize
8KB

Download
memory/4228-23-0x00007FF99D000000-0x00007FF99D002000-memory.dmp

Filesize
8KB

Download
memory/4228-24-0x00007FF99D010000-0x00007FF99D012000-memory.dmp

Filesize
8KB

Download
memory/4228-26-0x00007FF99D030000-0x00007FF99D032000-memory.dmp

Filesize
8KB

Download
memory/4228-25-0x00007FF99D020000-0x00007FF99D022000-memory.dmp

Filesize
8KB

Download
memory/4228-27-0x0000000002260000-0x00000000024C3000-memory.dmp

Filesize
2.4MB

Download
memory/4228-32-0x0000000002260000-0x00000000024C3000-memory.dmp

Filesize
2.4MB

Download
memory/4228-33-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-37-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-38-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-39-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-40-0x00000000004E0000-0x000000000052E000-memory.dmp

Filesize
312KB

Download
memory/4228-41-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-42-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-43-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-44-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-45-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-46-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-47-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-48-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-49-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-50-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-51-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-52-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-53-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-54-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download
memory/4228-55-0x0000000140000000-0x0000000141A31000-memory.dmp

Filesize
26.2MB

Download