Analysis
-
max time kernel
119s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
09-06-2024 17:56
Behavioral task
behavioral1
Sample
Loader.exe
Resource
win7-20240221-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
Loader.exe
Resource
win10v2004-20240426-en
3 signatures
150 seconds
General
-
Target
Loader.exe
-
Size
25.7MB
-
MD5
be83d304a33f55c1155bc6358e22ed47
-
SHA1
557f4cf3f604ed8120d42b04e1be1aeff05890de
-
SHA256
53fd9b4d813c0d5a16a603a360324264df4dd60323aaf7ef068ef3e89fb461ce
-
SHA512
b1113e41942f70517ab47059608c2acc7a54faf06945b822311549e009edcea5bc78f159ebdf3b4026f03d68b34efb7b2820ea36bc1b877d6afeb0f1b23fded8
-
SSDEEP
786432:cC9veAdCeM8Di3eaIB14+apjM2fkMANV35Coy/1yr36ZF:H9vvvM8u3eZ1C9M2fkJd5tytF
Score
7/10
Malware Config
Signatures
-
Processes:
resource yara_rule behavioral1/memory/2752-0-0x0000000140000000-0x00000001434C0000-memory.dmp themida -
Suspicious use of NtSetInformationThreadHideFromDebugger 4 IoCs
Processes:
Loader.exepid process 2752 Loader.exe 2752 Loader.exe 2752 Loader.exe 2752 Loader.exe