Overview

overview

5

Static

static

3

Onyx.final.exe

windows10-2004-x64

5

Onyx.final.exe

windows11-21h2-x64

5

Analysis

  • max time kernel
    92s
  • max time network
    206s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240611-en
  • resource tags

    arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    29-06-2024 02:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Onyx.final.exe

  • Size

    33.0MB

  • MD5

    044de889829630b844432c20e43ba509

  • SHA1

    6eace94a258a794f6420a82c6282f8989ced1acd

  • SHA256

    0bd0ef92009b6fefedfcaf1286b2f2598002a7f25b8370b70945306df523b556

  • SHA512

    8d4c052e80d568810cd75a3b942e0a82f5b7c00448d526b800468c11e34ff37e780190bba1fef912ca610a2303e6fd75890637215ff42b18c5e91246eb1b9a66

  • SSDEEP

    786432:YrE1UtJWIKgVQv8+2nPY04AJOKfGkdnd9LdZ/2:YrAUDW2VQ0+2n3Jl5dnPLze

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Onyx.final.exe
    "C:\Users\Admin\AppData\Local\Temp\Onyx.final.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3868

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3868-0-0x000000000168B000-0x0000000002618000-memory.dmp

    Filesize

    15.6MB

    Download

  • memory/3868-1-0x00007FFB45950000-0x00007FFB45952000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3868-2-0x00007FFB45960000-0x00007FFB45962000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3868-3-0x0000000000400000-0x000000000470D000-memory.dmp

    Filesize

    67.1MB

    Download

  • memory/3868-10-0x000000000168B000-0x0000000002618000-memory.dmp

    Filesize

    15.6MB

    Download

  • memory/3868-11-0x0000000000400000-0x000000000470D000-memory.dmp

    Filesize

    67.1MB

    Download