Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

5

Analysis

  • max time kernel
    292s
  • max time network
    258s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    30/05/2024, 23:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    85a28c644b862d4c1ff099e398259723e45f2b1e12b24498d23d5cce01ac5cc4.exe

  • Size

    2.9MB

  • MD5

    b6c779afd7db7337091fc7fa9d1a1961

  • SHA1

    9d9f871af3602e23aeb36e30115abcfafbb8906c

  • SHA256

    85a28c644b862d4c1ff099e398259723e45f2b1e12b24498d23d5cce01ac5cc4

  • SHA512

    b88d317220142afcb40efe3aa358fc290fb2f2185433f961388f346f5913c9c0811b94df66e31a7fbc0fa04bad5e4ab49b449be2f0da5b2f5a0f9b7a34207599

  • SSDEEP

    49152:w0Xipx3nay9fyqUszinb/KwmyLbWcLMZ8y/6jpBvtaRdGOasBf2EyNcjsdCHGyLa:Ynay9//+biw8cL48y/gMvbpvyNaAEL8T

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 30 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\85a28c644b862d4c1ff099e398259723e45f2b1e12b24498d23d5cce01ac5cc4.exe
    "C:\Users\Admin\AppData\Local\Temp\85a28c644b862d4c1ff099e398259723e45f2b1e12b24498d23d5cce01ac5cc4.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:4448

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4448-0-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-1-0x000000007E380000-0x000000007E751000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/4448-2-0x0000000077ED2000-0x0000000077ED3000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4448-3-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-4-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-6-0x000000007E380000-0x000000007E751000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/4448-5-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-7-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-8-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-9-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-10-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-11-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-12-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-13-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-14-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-15-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-16-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-17-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-18-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-19-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-20-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-21-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-22-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-23-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-24-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-25-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-26-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-27-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-28-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-29-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-30-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-31-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-32-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download

  • memory/4448-33-0x00000000012A0000-0x0000000001DCD000-memory.dmp

    Filesize

    11.2MB

    Download