Overview

overview

10

Static

static

3

7520c8a018...d1.exe

windows7-x64

5

7520c8a018...d1.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    152s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2024 17:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7520c8a018f453f8707858ce31f29cd1.exe

  • Size

    874KB

  • MD5

    7520c8a018f453f8707858ce31f29cd1

  • SHA1

    87d618344e01afa04fe6ebe2cd44d3550f6d44b4

  • SHA256

    ce841f6ac1af8af0b7ea1320d5b362b9c92e2cfb1e11ceb0144f2396d70bf187

  • SHA512

    f0a3bd7429b5114b6b88b34d51c92cbbf59a072952b7433a69e730fb55127ab3411ebf8e5b01bd546f45cb5858472d90e40cead86062332db262a6e991066dee

  • SSDEEP

    12288:jP2q1UidZTYVwLJJa8MjesJGsCGo7YNQFLPxez8dFlZqBLEx/5FemhJqMrUANW+Y:JYEJJijbNIwQSz+81EbFL3NrU0W0RK

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 15 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7520c8a018f453f8707858ce31f29cd1.exe
    "C:\Users\Admin\AppData\Local\Temp\7520c8a018f453f8707858ce31f29cd1.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:1448

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1448-1-0x0000000000400000-0x0000000000834000-memory.dmp

    Filesize

    4.2MB

    Download

  • memory/1448-2-0x0000000000400000-0x0000000000834000-memory.dmp

    Filesize

    4.2MB

    Download

  • memory/1448-4-0x0000000000350000-0x0000000000351000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1448-5-0x0000000000400000-0x0000000000834000-memory.dmp

    Filesize

    4.2MB

    Download

  • memory/1448-7-0x0000000000350000-0x0000000000351000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1448-8-0x0000000000400000-0x0000000000834000-memory.dmp

    Filesize

    4.2MB

    Download

  • memory/1448-9-0x0000000000400000-0x0000000000834000-memory.dmp

    Filesize

    4.2MB

    Download

  • memory/1448-10-0x0000000000400000-0x0000000000834000-memory.dmp

    Filesize

    4.2MB

    Download

  • memory/1448-11-0x0000000000400000-0x0000000000834000-memory.dmp

    Filesize

    4.2MB

    Download

  • memory/1448-13-0x0000000000400000-0x0000000000834000-memory.dmp

    Filesize

    4.2MB

    Download

  • memory/1448-16-0x0000000000400000-0x0000000000834000-memory.dmp

    Filesize

    4.2MB

    Download

  • memory/1448-18-0x0000000000400000-0x0000000000834000-memory.dmp

    Filesize

    4.2MB

    Download