Analysis
max time kernel
143s
max time network
174s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags
arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
submitted
01/01/2024, 11:21
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
3cb6fb827386f8e94d447c764dcc072e.exe
Resource
win7-20231215-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
3cb6fb827386f8e94d447c764dcc072e.exe
Resource
win10v2004-20231215-en
2 signatures
150 seconds
General
Target
3cb6fb827386f8e94d447c764dcc072e.exe
Size
1.9MB
MD5
3cb6fb827386f8e94d447c764dcc072e
SHA1
e4f9959b7b31b9e0437e6b7b49267164d18ea2c6
SHA256
f91610ae25056478e4d016caf5dbbc5866ad55b0423f33e0eeedcaa3968caeb9
SHA512
e441291f37e57b7698202f9488a351dde4bb17e837100334252016ac2782d2429a235198b962ce7ea234ad358127c72e03b27d42840677ce0aa8980779f81b74
SSDEEP
49152:Qvg5Jlqh51SS6a6gURviHgiRPzAGXcrvLgjdBPSkjJ:l5Q5k/PBiAqrcIT1jJ
Score
5/10
Malware Config
Signatures
Suspicious use of NtSetInformationThreadHideFromDebugger
1 IoCs
pid Process
4160 3cb6fb827386f8e94d447c764dcc072e.exe
Suspicious behavior: EnumeratesProcesses
2 IoCs
pid Process
4160 3cb6fb827386f8e94d447c764dcc072e.exe
4160 3cb6fb827386f8e94d447c764dcc072e.exe