Overview

overview

5

Static

static

3

5555555555...55.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    84s
  • max time network
    88s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/11/2023, 12:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5555555555555555555.exe

  • Size

    1.9MB

  • MD5

    ec801a7d4b72a288ec6c207bb9ff0131

  • SHA1

    32eec2ae1f9e201516fa7fcdc16c4928f7997561

  • SHA256

    b65f40618f584303ca0bcf9b5f88c233cc4237699c0c4bf40ba8facbe8195a46

  • SHA512

    a07dd5e8241de73ce65ff8d74acef4942b85fc45cf6a7baafd3c0f9d330b08e7412f2023ba667e99b40e732a65e8fb4389f7fe73c7b6256ca71e63afe46cdcac

  • SSDEEP

    49152:NNEVtO1U1y1DDDDDD7Llngq7NNMqU0p2Vhk9a:NNEVJyZlng4p2V

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtCreateThreadExHideFromDebugger 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5555555555555555555.exe
    "C:\Users\Admin\AppData\Local\Temp\5555555555555555555.exe"
    1⤵
    • Suspicious use of NtCreateThreadExHideFromDebugger
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:640

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\tmpD37A.tmp
    Filesize

    381B

    MD5

    1e4a89b11eae0fcf8bb5fdd5ec3b6f61

    SHA1

    4260284ce14278c397aaf6f389c1609b0ab0ce51

    SHA256

    4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df

    SHA512

    8c290919e456a80d87dd6d243e4713945432b9a2bc158bfa5b81ae9fed1a8dd693da51914fa4014c5b8596e36186a9c891741c3b9011958c7ac240b7d818f815

    Download Submit

  • memory/640-27-0x0000000020EA0000-0x0000000020FB0000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/640-2-0x000000001B230000-0x000000001B240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/640-3-0x000000001DA90000-0x000000001DAA2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/640-4-0x000000001DAF0000-0x000000001DB2C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/640-6-0x000000001B230000-0x000000001B240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/640-7-0x000000001B230000-0x000000001B240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/640-8-0x000000001B5E0000-0x000000001B789000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/640-9-0x00007FFD6D8F0000-0x00007FFD6E3B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/640-10-0x000000001B5E0000-0x000000001B789000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/640-11-0x000000001B230000-0x000000001B240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/640-12-0x000000001B230000-0x000000001B240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/640-13-0x000000001B5E0000-0x000000001B789000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/640-15-0x000000001B5E0000-0x000000001B789000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/640-16-0x000000001B230000-0x000000001B240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/640-17-0x000000001B5E0000-0x000000001B789000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/640-19-0x000000001B5E0000-0x000000001B789000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/640-0-0x0000000000520000-0x0000000000706000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/640-22-0x000000001B230000-0x000000001B240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/640-51-0x000000001E8F0000-0x000000001E8F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/640-31-0x000000001F940000-0x000000001F988000-memory.dmp

    Filesize

    288KB

    Download

  • memory/640-36-0x000000001C320000-0x000000001C321000-memory.dmp

    Filesize

    4KB

    Download

  • memory/640-38-0x000000001C320000-0x000000001C321000-memory.dmp

    Filesize

    4KB

    Download

  • memory/640-39-0x0000000180000000-0x00000001800D2000-memory.dmp

    Filesize

    840KB

    Download

  • memory/640-40-0x000000001B230000-0x000000001B240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/640-41-0x0000000180000000-0x00000001800D2000-memory.dmp

    Filesize

    840KB

    Download

  • memory/640-48-0x000000001C3F0000-0x000000001C3F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/640-49-0x000000001C3F0000-0x000000001C3F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/640-50-0x000000001C3F0000-0x000000001C400000-memory.dmp

    Filesize

    64KB

    Download

  • memory/640-1-0x00007FFD6D8F0000-0x00007FFD6E3B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/640-52-0x000000001E8F0000-0x000000001E8F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/640-53-0x000000001C3F0000-0x000000001C400000-memory.dmp

    Filesize

    64KB

    Download

  • memory/640-54-0x000000001E8F0000-0x000000001E8F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/640-55-0x000000001E8F0000-0x000000001E8F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/640-56-0x000000001C410000-0x000000001C411000-memory.dmp

    Filesize

    4KB

    Download

  • memory/640-58-0x000000001B5E0000-0x000000001B789000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/640-59-0x00007FFD6D8F0000-0x00007FFD6E3B1000-memory.dmp

    Filesize

    10.8MB

    Download