Resubmissions

15-06-2024 18:07

240615-wqpksstdnm 9

Analysis

  • max time kernel
    105s
  • max time network
    51s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    15-06-2024 18:07

General

  • Target

    BLTools v2.9.1[PRO].exe

  • Size

    3.2MB

  • MD5

    025d637741b1b326ded2e99e6b54ed77

  • SHA1

    5fb6a288559f54aeb42203cf5e44a072c74f942f

  • SHA256

    d68b3cdca20f0b871a653a3203e4292846e766b45fb989856a2de0fb9e0c4860

  • SHA512

    720f4f03febbe7fdd661c14349680f6511a69487b0bdf5cd47ab4594b1fad49edeb0bde8e287272d84e21efc916ba91ca71bfa2632eba76e379e07815163d26b

  • SSDEEP

    98304:M7+TEjqbFZN2l9OqOj/VCB1CRSHgmYrrwCY:pTeqbzN69OqOjmURSAmY

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\BLTools v2.9.1[PRO].exe
    "C:\Users\Admin\AppData\Local\Temp\BLTools v2.9.1[PRO].exe"
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:4576

Network

MITRE ATT&CK Matrix

Downloads

  • memory/4576-0-0x00000000750AE000-0x00000000750AF000-memory.dmp (Filesize: 4KB)
  • memory/4576-1-0x0000000000450000-0x0000000000BA0000-memory.dmp (Filesize: 7.3MB)
  • memory/4576-2-0x0000000001540000-0x0000000001541000-memory.dmp (Filesize: 4KB)
  • memory/4576-3-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)
  • memory/4576-4-0x0000000005420000-0x0000000005444000-memory.dmp (Filesize: 144KB)
  • memory/4576-5-0x0000000008320000-0x0000000008C4C000-memory.dmp (Filesize: 9.2MB)
  • memory/4576-6-0x0000000007A40000-0x0000000007A90000-memory.dmp (Filesize: 320KB)
  • memory/4576-7-0x0000000005510000-0x0000000005570000-memory.dmp (Filesize: 384KB)
  • memory/4576-8-0x00000000054D0000-0x00000000054F0000-memory.dmp (Filesize: 128KB)
  • memory/4576-9-0x0000000005B20000-0x00000000060C4000-memory.dmp (Filesize: 5.6MB)
  • memory/4576-10-0x00000000056F0000-0x0000000005832000-memory.dmp (Filesize: 1.3MB)
  • memory/4576-11-0x00000000063D0000-0x000000000648A000-memory.dmp (Filesize: 744KB)
  • memory/4576-12-0x0000000006490000-0x0000000006522000-memory.dmp (Filesize: 584KB)
  • memory/4576-13-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)
  • memory/4576-14-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)
  • memory/4576-15-0x00000000070F0000-0x0000000007128000-memory.dmp (Filesize: 224KB)
  • memory/4576-16-0x00000000070C0000-0x00000000070CE000-memory.dmp (Filesize: 56KB)
  • memory/4576-17-0x000000000D940000-0x000000000D952000-memory.dmp (Filesize: 72KB)
  • memory/4576-18-0x0000000007030000-0x0000000007038000-memory.dmp (Filesize: 32KB)
  • memory/4576-19-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)
  • memory/4576-20-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)
  • memory/4576-21-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)
  • memory/4576-22-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)
  • memory/4576-23-0x00000000750AE000-0x00000000750AF000-memory.dmp (Filesize: 4KB)
  • memory/4576-24-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)
  • memory/4576-25-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)
  • memory/4576-26-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)
  • memory/4576-27-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)
  • memory/4576-28-0x00000000750A0000-0x0000000075850000-memory.dmp (Filesize: 7.7MB)