20120d0c2f86de5fe5e78ffe0a719b7602d7970a0bf4d22f5ffca158b2e30816

Resubmissions

15/06/2024, 21:20

15/06/2024, 21:14

15/06/2024, 21:11

max time kernel
47s
max time network
57s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
15/06/2024, 21:14

Target

WkJsJC14kc.exe
Size

15.7MB
MD5

b0a585802d3c422a78a3a9779370f826
SHA1

9a7f2996ab0024cce73a2f79ad460e879aca1871
SHA256

20120d0c2f86de5fe5e78ffe0a719b7602d7970a0bf4d22f5ffca158b2e30816
SHA512

5fbd952955038ceb7c16b26f90250824bc317d74c626db85c8e4583a1b41c99545058f4984071b6bd757392fa4450e47ad548ec27f1339bb86b609538a11c213
SSDEEP

393216:To7bx/SjwzDfbo2J40GsGvpeoe/BD1rNUio:Tux/SwHXUsGv6/91rii

Score

5^/10

Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

pid	Process
3768	WkJsJC14kc.exe
3768	WkJsJC14kc.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3768	WkJsJC14kc.exe
3768	WkJsJC14kc.exe

memory/3768-0-0x00000001400D6000-0x0000000140BAD000-memory.dmp

Filesize
10.8MB

Download
memory/3768-1-0x00007FF9C6210000-0x00007FF9C6212000-memory.dmp

Filesize
8KB

Download
memory/3768-2-0x00007FF9C6220000-0x00007FF9C6222000-memory.dmp

Filesize
8KB

Download
memory/3768-7-0x0000000140000000-0x0000000141B56000-memory.dmp

Filesize
27.3MB

Download
memory/3768-5-0x0000000140000000-0x0000000141B56000-memory.dmp

Filesize
27.3MB

Download
memory/3768-8-0x0000000140000000-0x0000000141B56000-memory.dmp

Filesize
27.3MB

Download
memory/3768-9-0x00000001400D6000-0x0000000140BAD000-memory.dmp

Filesize
10.8MB

Download
memory/3768-10-0x0000000140000000-0x0000000141B56000-memory.dmp

Filesize
27.3MB

Download