Overview

overview

5

Static

static

3

6d3e2eab6e...1b.exe

windows7-x64

5

6d3e2eab6e...1b.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    141s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231025-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/11/2023, 23:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    6d3e2eab6e817be77ec977df794ca994715bad39762faed0f9a87e4969326b1b.exe

  • Size

    4.4MB

  • MD5

    33613d23a494681a3eb8753f8023f8d7

  • SHA1

    21f039ca0d0f0ae41f4de23946569f4ce1cbf1a1

  • SHA256

    6d3e2eab6e817be77ec977df794ca994715bad39762faed0f9a87e4969326b1b

  • SHA512

    3c57b0ea354207d580e36dee2b5699e37c1afb8fb3299c7ee38609e534fb4a01d14c7da461c78271ca79a0a6f4ac8236d6daba9cabaea5b207661fd438008a25

  • SSDEEP

    98304:MeksA2LqVDJO8RGgOubqxM7Q/jKmIF39BHDk7yk4jDj/Oj0/hylpYm:cDVJOubqxZDIxjHI7ylHjTIi

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 3 IoCs
  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6d3e2eab6e817be77ec977df794ca994715bad39762faed0f9a87e4969326b1b.exe
    "C:\Users\Admin\AppData\Local\Temp\6d3e2eab6e817be77ec977df794ca994715bad39762faed0f9a87e4969326b1b.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:3116
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3116 -s 264
      2⤵
      • Program crash
      PID:1932
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3116 -ip 3116
    1⤵
      PID:4272

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/3116-0-0x0000000000400000-0x0000000000AE0000-memory.dmp

            Filesize

            6.9MB

            Download

          • memory/3116-1-0x00000000027E0000-0x00000000028B3000-memory.dmp

            Filesize

            844KB

            Download

          • memory/3116-3-0x0000000000400000-0x0000000000AE0000-memory.dmp

            Filesize

            6.9MB

            Download

          • memory/3116-4-0x0000000002700000-0x0000000002708000-memory.dmp

            Filesize

            32KB

            Download

          • memory/3116-6-0x0000000000400000-0x0000000000AE0000-memory.dmp

            Filesize

            6.9MB

            Download