Overview

overview

5

Static

static

3

793f2ab700...b5.exe

windows7-x64

5

793f2ab700...b5.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24-05-2024 12:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    793f2ab70018ae21eefe1edf57f2bec4f603580321609127003cdce55a73b2b5.exe

  • Size

    9.2MB

  • MD5

    c3639315e9c2da5c398e762fb36e0a4c

  • SHA1

    8e797f6a592336a47234215f08f590e20da1cacb

  • SHA256

    793f2ab70018ae21eefe1edf57f2bec4f603580321609127003cdce55a73b2b5

  • SHA512

    3ccaf68b7638a55f11e596ca37057bc6f7bd5667a5387825d822c1bfcf2cae3a8e4ffa97f82741d306eb8b23e1da95d88ed75ee952fcb4a413f95b716fabc044

  • SSDEEP

    196608:oW+7p2GtkGjOtwzF4CmYfmS5RiebIYV9KKMAa8n+ocC6g6v66666ES66666E6kD7:v+7prWWC1S1xV9EAh+ocC6g6v66666ES

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\793f2ab70018ae21eefe1edf57f2bec4f603580321609127003cdce55a73b2b5.exe
    "C:\Users\Admin\AppData\Local\Temp\793f2ab70018ae21eefe1edf57f2bec4f603580321609127003cdce55a73b2b5.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1928-0-0x000000000070D000-0x0000000000BF1000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/1928-45-0x0000000000400000-0x0000000001523000-memory.dmp

    Filesize

    17.1MB

    Download

  • memory/1928-46-0x0000000000400000-0x0000000001523000-memory.dmp

    Filesize

    17.1MB

    Download

  • memory/1928-41-0x0000000000400000-0x0000000001523000-memory.dmp

    Filesize

    17.1MB

    Download

  • memory/1928-40-0x00000000002C0000-0x00000000002C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-38-0x00000000002C0000-0x00000000002C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-35-0x00000000002B0000-0x00000000002B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-33-0x00000000002B0000-0x00000000002B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-30-0x00000000002A0000-0x00000000002A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-28-0x00000000002A0000-0x00000000002A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-25-0x0000000000280000-0x0000000000281000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-23-0x0000000000280000-0x0000000000281000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-20-0x0000000000270000-0x0000000000271000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-18-0x0000000000270000-0x0000000000271000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-16-0x0000000000270000-0x0000000000271000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-15-0x0000000000260000-0x0000000000261000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-13-0x0000000000260000-0x0000000000261000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-11-0x0000000000260000-0x0000000000261000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-10-0x0000000000250000-0x0000000000251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-8-0x0000000000250000-0x0000000000251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-6-0x0000000000250000-0x0000000000251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-5-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-3-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-1-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1928-44-0x0000000000400000-0x0000000001523000-memory.dmp

    Filesize

    17.1MB

    Download

  • memory/1928-47-0x000000000070D000-0x0000000000BF1000-memory.dmp

    Filesize

    4.9MB

    Download

  • memory/1928-48-0x0000000000400000-0x0000000001523000-memory.dmp

    Filesize

    17.1MB

    Download