Overview

overview

10

Static

static

3

6cfad9496a...55.exe

windows7-x64

10

6cfad9496a...55.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    144s
  • max time network
    100s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/05/2024, 01:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6cfad9496a2bee32a0f4dda1de58005c6592a59e7365623f5314ccae417b1055.exe

  • Size

    3.1MB

  • MD5

    d81c636dceec056448766c41f95c70bd

  • SHA1

    c96b12739c67bf3ea9889e0d28c783d9597ee2c7

  • SHA256

    6cfad9496a2bee32a0f4dda1de58005c6592a59e7365623f5314ccae417b1055

  • SHA512

    7632d9bf30cc28d3d33465a356f3aff2297792db2cc2ef17e24de7adfaa55057a4acee06c206d8b531cc2b3bc870b301fe1befda12b953ee1d7c4dc4e4ffabb4

  • SSDEEP

    98304:Yr4eEcuQkLynvc8wG43MeM/hFfTII9EDg:YrecuvLycZu7Og

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 16 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6cfad9496a2bee32a0f4dda1de58005c6592a59e7365623f5314ccae417b1055.exe
    "C:\Users\Admin\AppData\Local\Temp\6cfad9496a2bee32a0f4dda1de58005c6592a59e7365623f5314ccae417b1055.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:216

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/216-0-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-1-0x000000007F170000-0x000000007F541000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/216-2-0x0000000077CF2000-0x0000000077CF3000-memory.dmp

    Filesize

    4KB

    Download

  • memory/216-3-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-4-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-6-0x000000007F170000-0x000000007F541000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/216-5-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-7-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-8-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-9-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-10-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-11-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-12-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-13-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-14-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-15-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-16-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-17-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download

  • memory/216-18-0x0000000000F70000-0x0000000001AD7000-memory.dmp

    Filesize

    11.4MB

    Download