Overview

overview

5

Static

static

3

f70f770d36...93.exe

windows7-x64

5

f70f770d36...93.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    142s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-05-2024 06:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f70f770d366cdef6f4ffc35f8c595fc5e4308354d820b456f1d4a65da8451e93.exe

  • Size

    10.4MB

  • MD5

    4f6ccde10891fb14eff91ae0465bbfb5

  • SHA1

    5e47ad198325ece256a506b7130d9cd9f1ef35fa

  • SHA256

    f70f770d366cdef6f4ffc35f8c595fc5e4308354d820b456f1d4a65da8451e93

  • SHA512

    806a27bd8e60929ab8142fcf1f0c980e9da3fd62e3a76fe913fd6973eacd23bb7a6fa196ccb1953175d78976daaad63e7906603cb2a6bdd78c3d2fa9713d586b

  • SSDEEP

    196608:0ys8eY9uS+dFrXN42CmQSawWWPVOzbJQoG4t0gtw:0yr9uSOr9dCmQAO3tG4tp

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 14 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f70f770d366cdef6f4ffc35f8c595fc5e4308354d820b456f1d4a65da8451e93.exe
    "C:\Users\Admin\AppData\Local\Temp\f70f770d366cdef6f4ffc35f8c595fc5e4308354d820b456f1d4a65da8451e93.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:5064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5064-0-0x0000000000400000-0x0000000001C5D000-memory.dmp

    Filesize

    24.4MB

    Download

  • memory/5064-2-0x0000000076270000-0x0000000076360000-memory.dmp

    Filesize

    960KB

    Download

  • memory/5064-6-0x0000000076270000-0x0000000076360000-memory.dmp

    Filesize

    960KB

    Download

  • memory/5064-5-0x0000000076270000-0x0000000076360000-memory.dmp

    Filesize

    960KB

    Download

  • memory/5064-4-0x0000000076270000-0x0000000076360000-memory.dmp

    Filesize

    960KB

    Download

  • memory/5064-3-0x0000000076270000-0x0000000076360000-memory.dmp

    Filesize

    960KB

    Download

  • memory/5064-1-0x0000000076290000-0x0000000076291000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5064-8-0x0000000076270000-0x0000000076360000-memory.dmp

    Filesize

    960KB

    Download

  • memory/5064-7-0x0000000076270000-0x0000000076360000-memory.dmp

    Filesize

    960KB

    Download

  • memory/5064-9-0x0000000010000000-0x000000001033A000-memory.dmp

    Filesize

    3.2MB

    Download

  • memory/5064-20-0x0000000010000000-0x000000001033A000-memory.dmp

    Filesize

    3.2MB

    Download

  • memory/5064-19-0x0000000001E10000-0x0000000001E11000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5064-22-0x0000000000400000-0x0000000001C5D000-memory.dmp

    Filesize

    24.4MB

    Download

  • memory/5064-23-0x0000000076270000-0x0000000076360000-memory.dmp

    Filesize

    960KB

    Download

  • memory/5064-24-0x0000000076290000-0x0000000076291000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5064-26-0x0000000076270000-0x0000000076360000-memory.dmp

    Filesize

    960KB

    Download

  • memory/5064-27-0x0000000076270000-0x0000000076360000-memory.dmp

    Filesize

    960KB

    Download

  • memory/5064-28-0x0000000076270000-0x0000000076360000-memory.dmp

    Filesize

    960KB

    Download

  • memory/5064-29-0x0000000000400000-0x0000000001C5D000-memory.dmp

    Filesize

    24.4MB

    Download