Overview

overview

5

Static

static

3

b8c0bcd03a...c6.exe

windows7-x64

5

b8c0bcd03a...c6.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    198s
  • max time network
    209s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 14:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b8c0bcd03a81081f101a204806f1e3a2a10af3d1a01af4f121e2a4dafe8d01c6.exe

  • Size

    10.2MB

  • MD5

    2e4bbb206f7f6aaa981841b45c4ad72d

  • SHA1

    a20244dcf51a8cd56e2da76f258d92bbae5cf7fa

  • SHA256

    b8c0bcd03a81081f101a204806f1e3a2a10af3d1a01af4f121e2a4dafe8d01c6

  • SHA512

    f29b1a238437f1ba965f21031cb518c03c85c3c6e9653baa9257c45dc46d8047ee64618c54f82457f9b7a387334447a1c2f847fddc7281e6c9a9a85f630a7d5e

  • SSDEEP

    196608:GylsSRy3q/Kw/Y2QT8eliBweLuWVYGxfepdzDRuKyfDWAB2KkM7tm6:jlsTGJwT8e0mzWiwfepdZJRM7tf

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b8c0bcd03a81081f101a204806f1e3a2a10af3d1a01af4f121e2a4dafe8d01c6.exe
    "C:\Users\Admin\AppData\Local\Temp\b8c0bcd03a81081f101a204806f1e3a2a10af3d1a01af4f121e2a4dafe8d01c6.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2340-2-0x0000000001840000-0x0000000001841000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2340-3-0x00000000035C0000-0x00000000035C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2340-4-0x00000000035D0000-0x00000000035D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2340-5-0x0000000003600000-0x0000000003601000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2340-7-0x0000000003630000-0x0000000003631000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2340-8-0x0000000000400000-0x0000000001740000-memory.dmp

    Filesize

    19.2MB

    Download

  • memory/2340-10-0x0000000003650000-0x0000000003651000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2340-9-0x0000000003640000-0x0000000003641000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2340-6-0x0000000003610000-0x0000000003611000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2340-0-0x0000000000400000-0x0000000001740000-memory.dmp

    Filesize

    19.2MB

    Download

  • memory/2340-14-0x0000000000400000-0x0000000001740000-memory.dmp

    Filesize

    19.2MB

    Download