Analysis
max time kernel: 16s
max time network: 16s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
submitted: 24/02/2024, 13:18
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
tfghost v2.exe
Resource
win7-20240220-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
tfghost v2.exe
Resource
win10v2004-20240221-en
1 signatures
150 seconds
General
Target: tfghost v2.exe
Size: 110KB
MD5: bb02000d02ecbb1be74be0d892e4d75c
SHA1: bd080bc8e104b90f8123cbba763618f6ac6c6923
SHA256: d12015c722dc46c42a1d446e56c4e96a60525314de358ad0e0410f7a037baef1
SHA512: 0e7a082f8cd276ed34beeb96986c8c2295d89ced1f183246f26489eebfa28480939483e93e774a773fb8344043afadd0f22f64d2750df003cd18f5a9f0bad659
SSDEEP: 3072:PYMEWromwPS5jVRhR6OkFZoCDj2W6EWNfynxjpY0DLIS3JT:PFSPw6DoCPAOLII
Score
1/10
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses 48 IoCs
pid   Process
2064  tfghost v2.exe