Overview

overview

5

Static

static

3

ad7c76ddc1...6d.exe

windows7-x64

5

ad7c76ddc1...6d.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    149s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    13/06/2024, 01:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ad7c76ddc1db3610153e556e239694a6bd6234d1fa24979ecc32343b458f106d.exe

  • Size

    1.9MB

  • MD5

    76f30a8d308bb44d3bf07b38d3b3b90d

  • SHA1

    79f657fb5cbb29e0b4e62549d84d9ade95e9b54b

  • SHA256

    ad7c76ddc1db3610153e556e239694a6bd6234d1fa24979ecc32343b458f106d

  • SHA512

    56057689a156c00ec11fb8eb9e755dd6c851963b4a8f4e048c8c4d533b0b47c6eda3cd13afce8b14bb98354b94b273e5d95470da3cf27b46dc9b341eccd1380e

  • SSDEEP

    49152:kSzH92kxtGWE5QNH+lqJuzkJHqvKOxpEwXPU8WpO:kSzH92kxgdQNH+UJEkJCgY

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 9 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ad7c76ddc1db3610153e556e239694a6bd6234d1fa24979ecc32343b458f106d.exe
    "C:\Users\Admin\AppData\Local\Temp\ad7c76ddc1db3610153e556e239694a6bd6234d1fa24979ecc32343b458f106d.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:1796

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1796-0-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-2-0x0000000077C60000-0x0000000077C61000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1796-3-0x0000000077C60000-0x0000000077C61000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1796-4-0x0000000074B5E000-0x0000000074B5F000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1796-5-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-6-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-7-0x0000000074B50000-0x000000007523E000-memory.dmp

          Filesize

          6.9MB

          Download

        • memory/1796-8-0x0000000074B50000-0x000000007523E000-memory.dmp

          Filesize

          6.9MB

          Download

        • memory/1796-9-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-11-0x0000000074B5E000-0x0000000074B5F000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1796-10-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-12-0x0000000074B50000-0x000000007523E000-memory.dmp

          Filesize

          6.9MB

          Download

        • memory/1796-13-0x0000000074B50000-0x000000007523E000-memory.dmp

          Filesize

          6.9MB

          Download

        • memory/1796-14-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-15-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-16-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-17-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-18-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-19-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-20-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-21-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-22-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-23-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-24-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download

        • memory/1796-25-0x0000000000D80000-0x0000000001158000-memory.dmp

          Filesize

          3.8MB

          Download