9f6b6b816f1320112a4c9171108c235920d3982a1741196f284d658bdf312b5e

Analysis

max time kernel
157s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10/03/2024, 15:08

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

beebc8fd1b08dd6866693be5a5561add.exe
Size

1.1MB
MD5

beebc8fd1b08dd6866693be5a5561add
SHA1

4bd170b84afe570b16656409b0566e1b44923eec
SHA256

9f6b6b816f1320112a4c9171108c235920d3982a1741196f284d658bdf312b5e
SHA512

71316a106007eec89e2d325fc4c535518fe190f0d928b2f728d34a4d9a8a24319bc666df50e029527f47462d18eacab471a5817485ecc779f4e5a4c50b2fff16
SSDEEP

24576:tbG2tn1SJ4okTemRvaK47SLjPGh4Ma45tADcRphuh09E:t62tn1S4oseL7SfGaMaBuu+E

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

pid	Process
2756	beebc8fd1b08dd6866693be5a5561add.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2756	beebc8fd1b08dd6866693be5a5561add.exe
2756	beebc8fd1b08dd6866693be5a5561add.exe

C:\Users\Admin\AppData\Local\Temp\beebc8fd1b08dd6866693be5a5561add.exe
"C:\Users\Admin\AppData\Local\Temp\beebc8fd1b08dd6866693be5a5561add.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
PID:2756

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3700 --field-trial-handle=2272,i,4858140932023865871,5726683989663339295,262144 --variations-seed-version /prefetch:8
1⤵
PID:3572

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2756-0-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-1-0x00000000024D0000-0x0000000002516000-memory.dmp

Filesize
280KB

Download
memory/2756-2-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-3-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-4-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-5-0x00000000024D0000-0x0000000002516000-memory.dmp

Filesize
280KB

Download
memory/2756-6-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-7-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-8-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-9-0x0000000000790000-0x0000000000793000-memory.dmp

Filesize
12KB

Download
memory/2756-10-0x0000000075C40000-0x0000000075E55000-memory.dmp

Filesize
2.1MB

Download
memory/2756-11-0x0000000077250000-0x00000000774D1000-memory.dmp

Filesize
2.5MB

Download
memory/2756-12-0x0000000075550000-0x0000000075633000-memory.dmp

Filesize
908KB

Download
memory/2756-13-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-14-0x00000000008E0000-0x00000000008E4000-memory.dmp

Filesize
16KB

Download
memory/2756-15-0x0000000002600000-0x0000000002601000-memory.dmp

Filesize
4KB

Download
memory/2756-16-0x0000000077030000-0x0000000077048000-memory.dmp

Filesize
96KB

Download
memory/2756-17-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-18-0x0000000075C40000-0x0000000075E55000-memory.dmp

Filesize
2.1MB

Download
memory/2756-20-0x0000000077220000-0x0000000077244000-memory.dmp

Filesize
144KB

Download
memory/2756-21-0x0000000076030000-0x0000000076150000-memory.dmp

Filesize
1.1MB

Download
memory/2756-22-0x0000000077050000-0x000000007710F000-memory.dmp

Filesize
764KB

Download
memory/2756-23-0x0000000075A80000-0x0000000075AF5000-memory.dmp

Filesize
468KB

Download
memory/2756-24-0x00000000769B0000-0x0000000076A6F000-memory.dmp

Filesize
764KB

Download
memory/2756-25-0x0000000076890000-0x00000000768B5000-memory.dmp

Filesize
148KB

Download
memory/2756-26-0x00000000752C0000-0x0000000075334000-memory.dmp

Filesize
464KB

Download
memory/2756-27-0x0000000077250000-0x00000000774D1000-memory.dmp

Filesize
2.5MB

Download
memory/2756-28-0x0000000076790000-0x0000000076863000-memory.dmp

Filesize
844KB

Download
memory/2756-29-0x0000000075B40000-0x0000000075BD6000-memory.dmp

Filesize
600KB

Download
memory/2756-30-0x0000000075550000-0x0000000075633000-memory.dmp

Filesize
908KB

Download
memory/2756-31-0x0000000077190000-0x0000000077217000-memory.dmp

Filesize
540KB

Download
memory/2756-32-0x0000000074B60000-0x0000000074B6F000-memory.dmp

Filesize
60KB

Download
memory/2756-33-0x0000000074550000-0x0000000074576000-memory.dmp

Filesize
152KB

Download
memory/2756-34-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-35-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-44-0x00000000752C0000-0x0000000075334000-memory.dmp

Filesize
464KB

Download
memory/2756-52-0x00000000024D0000-0x0000000002516000-memory.dmp

Filesize
280KB

Download
memory/2756-53-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-54-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-55-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-72-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-73-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-74-0x00000000008E0000-0x00000000008E4000-memory.dmp

Filesize
16KB

Download
memory/2756-75-0x0000000002600000-0x0000000002601000-memory.dmp

Filesize
4KB

Download
memory/2756-76-0x0000000000400000-0x0000000000738000-memory.dmp

Filesize
3.2MB

Download
memory/2756-80-0x0000000076030000-0x0000000076150000-memory.dmp

Filesize
1.1MB

Download