70666015656b481f8b32b6167bc9b0b1b947bc7619f8a5b3e699f8c9cd15c072

Analysis

max time kernel
148s
max time network
51s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
11-06-2024 18:31

Target

Engines/yixin2013(B)/pbrain-Yixin13B.exe
Size

967KB
MD5

62b536e5d30582a0ebf3c71818ae1402
SHA1

670be14139d8458118b97bcd340fb3b9ffae2a92
SHA256

9e4c370339142dfc0111295299258fa3ec51ff83d11f927468b2fedfe4699dc8
SHA512

7fb10352560eebfa4637baf6c892c298c0db1adbdcfad4a3e07236b833f03e65eed6a893a07645c5080f455ba56ece3ffddd481a75990f2e9cf9ef70bfed2952
SSDEEP

24576:LMqeh6yINYfprER6vp1114vh1MHa2HnJjvCV8xThAFlz5Nsq6:I7SIakvp10v72HnJjvCV8RhAFlz5qq6

Score

5^/10

Suspicious use of NtSetInformationThreadHideFromDebugger 39 IoCs

Processes:

pbrain-Yixin13B.exe

C:\Users\Admin\AppData\Local\Temp\Engines\yixin2013(B)\pbrain-Yixin13B.exe
"C:\Users\Admin\AppData\Local\Temp\Engines\yixin2013(B)\pbrain-Yixin13B.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
PID:2900

memory/2900-0-0x0000000000400000-0x0000000001400000-memory.dmp

Filesize
16.0MB

Download