Overview

overview

5

Static

static

3

d986cd553e...e9.exe

windows7-x64

5

d986cd553e...e9.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 08:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d986cd553edc209f0e42a3c1d94fa8e9267394227aedd4a5352a77e3132cc2e9.exe

  • Size

    2.5MB

  • MD5

    9f08f5e53cdcdc59bad0d8a28a2e9387

  • SHA1

    821fdce9469ff00aa0d4a2b62aaa49acc34415a1

  • SHA256

    d986cd553edc209f0e42a3c1d94fa8e9267394227aedd4a5352a77e3132cc2e9

  • SHA512

    27a3b204b543974f68347341f683144d3165f857c102ac1761b1bbd1085095b36bf37598298b41fd674015321c3acfe5b46ecacc682c45f79be40cedc1f763a6

  • SSDEEP

    49152:jRdphR5sTyZ4pgd09tKhT/1bKKfIvDugt2ysOMooox7:jd5sTLx9ojg7uA7sOMooS

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d986cd553edc209f0e42a3c1d94fa8e9267394227aedd4a5352a77e3132cc2e9.exe
    "C:\Users\Admin\AppData\Local\Temp\d986cd553edc209f0e42a3c1d94fa8e9267394227aedd4a5352a77e3132cc2e9.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:836

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/836-0-0x000000006F350000-0x000000006F360000-memory.dmp

          Filesize

          64KB

          Download

        • memory/836-1-0x0000000000CB0000-0x0000000000D9C000-memory.dmp

          Filesize

          944KB

          Download

        • memory/836-5-0x000000006F350000-0x000000006F360000-memory.dmp

          Filesize

          64KB

          Download

        • memory/836-9-0x000000006F350000-0x000000006F360000-memory.dmp

          Filesize

          64KB

          Download

        • memory/836-10-0x0000000077920000-0x0000000077922000-memory.dmp

          Filesize

          8KB

          Download

        • memory/836-17-0x0000000077920000-0x0000000077921000-memory.dmp

          Filesize

          4KB

          Download