Overview

overview

5

Static

static

3

v1.2.1.0_fix1.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    44s
  • max time network
    40s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-02-2024 08:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    v1.2.1.0_fix1.exe

  • Size

    91.8MB

  • MD5

    aeeb0ac72e38a77b0b7931e6a98035f4

  • SHA1

    dce59f8522c4c710da3a72005616ff285f7ee53c

  • SHA256

    a3cb348a773f20259b6739fe292232d7e9962d7d986e2cf397a9b6bbb70d8750

  • SHA512

    70d31fbc89474a45a05695e1328dcf0653f1905591bceaa25903100dcde6025cc1d3ce0e82de267778287875b3cb761ec97ca8f97dbe933e5b8a2a6d17d86b22

  • SSDEEP

    1572864:OULbB3p9MvKk2Su/0qyWAlKy0sc4PoT8nIcRdJGpXxRDKpZoGsQ7Z:OMbBjr1SS0DWAlKNsc4PoTMzGpfDGP

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\v1.2.1.0_fix1.exe
    "C:\Users\Admin\AppData\Local\Temp\v1.2.1.0_fix1.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:2140

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2140-0-0x00007FFCB3A90000-0x00007FFCB3A92000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2140-1-0x00007FFCB3AA0000-0x00007FFCB3AA2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2140-2-0x00007FFCB3AB0000-0x00007FFCB3AB2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2140-3-0x00007FFCB3AC0000-0x00007FFCB3AC2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2140-4-0x00007FFCB3680000-0x00007FFCB3682000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2140-5-0x00007FFCB3690000-0x00007FFCB3692000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2140-6-0x00007FFCB1280000-0x00007FFCB1282000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2140-7-0x00007FFCB1290000-0x00007FFCB1292000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2140-8-0x0000000140000000-0x0000000141000000-memory.dmp

    Filesize

    16.0MB

    Download