Overview

overview

5

Static

static

3

pubg_[2.0]...14.exe

windows7-x64

5

pubg_[2.0]...14.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    15-04-2024 19:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pubg_[2.0]-1ee5b10414.exe

  • Size

    4.8MB

  • MD5

    d0a87306ef4fa327902cca92d59beaca

  • SHA1

    2cb71af539916b53f2285b16da0b71ddf1e4fdf3

  • SHA256

    162609af96cda490d36f68651bc6061e984082a825cc3e2889a32fd0ed31875d

  • SHA512

    1092159007c087ae3f7e80e3d20e827713396bbab604609bd747dcf310ce1ad4b20c01cb4260640447ff8b546b66b4cec3077f7bd661cd24dfbca41ed38209db

  • SSDEEP

    98304:/AViAjwhDUAdzYrJ8aBMyasWdChJL3DFG4aEiNxzQXJjzpZCBQv+rTpDJ9:z8/AKrbSsWdCzkEiOJjz+u8TpX

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\pubg_[2.0]-1ee5b10414.exe
    "C:\Users\Admin\AppData\Local\Temp\pubg_[2.0]-1ee5b10414.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:2972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2972-0-0x0000000000250000-0x0000000000251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2972-3-0x0000000000400000-0x0000000000ECA000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2972-2-0x0000000000250000-0x0000000000251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2972-5-0x0000000000250000-0x0000000000251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2972-6-0x0000000000400000-0x0000000000ECA000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2972-8-0x0000000000260000-0x0000000000261000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2972-9-0x0000000000400000-0x0000000000ECA000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2972-10-0x0000000000260000-0x0000000000261000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2972-11-0x0000000000400000-0x0000000000ECA000-memory.dmp

    Filesize

    10.8MB

    Download