5b321c1c5a187dbc594a15cc8e95d22dd8a217bf648348313f01b594cd0ec4cd

Analysis

max time kernel
149s
max time network
120s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
06/01/2024, 12:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

TMNT-OOFS+9Tr-LNG_v1.0.exe
Size

2.1MB
MD5

29718d84abf3d0cb9a7a8f12fa712356
SHA1

c5daeef92290150eada7cfc48eb3c664de1e5a59
SHA256

c60996f42ef532853e011cbfec21b43b42f873204482aec7938c0fb059b0dfaf
SHA512

294f046300905cecc9613b74c9b782d7c15035b6d73d7a9ede9365c5cdec12d53268881f1512361612ac3534fa2607e3e1d40618bb89ff37f493e6a50dd51d45
SSDEEP

49152:CxXCTssPsU7ln8m32PYsTwIQBEt+V5E4BVvC7CsbHkGuzYl:mXGtyJYmQBgyS4BV67CsbHWzO

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

pid	Process
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2740	TMNT-OOFS+9Tr-LNG_v1.0.exe

C:\Users\Admin\AppData\Local\Temp\TMNT-OOFS+9Tr-LNG_v1.0.exe
"C:\Users\Admin\AppData\Local\Temp\TMNT-OOFS+9Tr-LNG_v1.0.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2740-0-0x0000000000400000-0x0000000000C9C000-memory.dmp

Filesize
8.6MB

Download
memory/2740-1-0x0000000000400000-0x0000000000C9C000-memory.dmp

Filesize
8.6MB

Download
memory/2740-4-0x0000000000400000-0x0000000000C9C000-memory.dmp

Filesize
8.6MB

Download