Overview

overview

7

Static

static

3

cc78fc422a...ca.exe

windows7-x64

7

cc78fc422a...ca.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/05/2024, 15:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cc78fc422af47ea970cffcaf9d4aa2b0456e1bf0d709ee35b0d55998f7faa4ca.exe

  • Size

    812KB

  • MD5

    8162dedc8f61188ef0c74b78eac849b6

  • SHA1

    d6d4668b157627e53a7e169e031a464c21749755

  • SHA256

    cc78fc422af47ea970cffcaf9d4aa2b0456e1bf0d709ee35b0d55998f7faa4ca

  • SHA512

    0fb195e0e327cc4c683d8bdd512261cd74e7b7fa44743892a3e9de03c2bb4820b6dd2db6210d6026caf66703e452837b7f534d6ddf7943d3412f7e35e0964454

  • SSDEEP

    12288:EqmytVdB0rPEDb3kCoI641jxy7GHEX2rnAv8MktrOKxp22CMOZ/1S/:EqxtVfNDb31oT41+aneOrO4p2zMOZ/o

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cc78fc422af47ea970cffcaf9d4aa2b0456e1bf0d709ee35b0d55998f7faa4ca.exe
    "C:\Users\Admin\AppData\Local\Temp\cc78fc422af47ea970cffcaf9d4aa2b0456e1bf0d709ee35b0d55998f7faa4ca.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of WriteProcessMemory
    PID:4920
    • C:\Users\Admin\AppData\Local\Temp\1B0C0F0A120F156F155D15F0D0A160A0A160F.exe
      C:\Users\Admin\AppData\Local\Temp\1B0C0F0A120F156F155D15F0D0A160A0A160F.exe
      2⤵
      • Executes dropped EXE
      • Suspicious use of NtSetInformationThreadHideFromDebugger
      PID:3748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\1B0C0F0A120F156F155D15F0D0A160A0A160F.exe
    Filesize

    812KB

    MD5

    69b0e40e33fa0d49350abda4e74e699c

    SHA1

    e1cdae6786541259ac83193d2518240a922eec1d

    SHA256

    53050f2abcb0c38c34b74cf791a00618b2f207ed763d35f948a4e2cfdcbbaf06

    SHA512

    a2dc0d185944a2cfb47af47f0941cb3962ece2f18c79402a6ebeff63af0e445908e327b572a843deb8b76e2d928396252f6c6e25dc91e993ab19e3fc5081db32

    Download Submit

  • memory/3748-10-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/3748-11-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/3748-8-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/4920-0-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/4920-2-0x0000000000401000-0x000000000041F000-memory.dmp

    Filesize

    120KB

    Download

  • memory/4920-1-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/4920-9-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download