edf275834ab056286ae35ea92e17ccb2bda708143f5072c54556127b2eecfb88 | Triage

Analysis

max time kernel
11s
max time network
12s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
09-04-2024 10:25

Sharing

Report Analysis Logs

General

Target

Furion hack loader.exe
Size

660KB
MD5

36b06f739a1bd5a56a7a9496aa85d1f3
SHA1

7625fe9936a27209d026a7cefb9e8441a380f574
SHA256

edf275834ab056286ae35ea92e17ccb2bda708143f5072c54556127b2eecfb88
SHA512

63a2b283c4e7eff125b29d38803978fb3056c0851c173075c8aa58d54fe444131cfbc34fc1f95bf4fc4687b505d7fe264d50c9a98a1818fb2cd4edc2f3075107
SSDEEP

12288:ZwIO+jqEI/5d2Ty3YBjcTcbvsoyy2gBLE24P7yNyd:hVqEI/T2W3YBjcqzyN2oyNyd

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1360	Furion hack loader.exe
1360	Furion hack loader.exe
1360	Furion hack loader.exe
1360	Furion hack loader.exe
1360	Furion hack loader.exe
1360	Furion hack loader.exe
1360	Furion hack loader.exe
1360	Furion hack loader.exe
1360	Furion hack loader.exe
1360	Furion hack loader.exe

Suspicious use of FindShellTrayWindow 3 IoCs

pid	Process
1360	Furion hack loader.exe
1360	Furion hack loader.exe
1360	Furion hack loader.exe

Suspicious use of SendNotifyMessage 3 IoCs

pid	Process
1360	Furion hack loader.exe
1360	Furion hack loader.exe
1360	Furion hack loader.exe

C:\Users\Admin\AppData\Local\Temp\Furion hack loader.exe
"C:\Users\Admin\AppData\Local\Temp\Furion hack loader.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1360

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads