2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f

Analysis

max time kernel
144s
max time network
17s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
10/07/2024, 04:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
Size

4.9MB
MD5

44b23559592888d2a1647da3d98a7fb5
SHA1

cb8e631667a386b40c734571b3cbf723b179d985
SHA256

2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f
SHA512

0cbc8d8593180baff4b42fb4fac24310bf5fca5da48afdd58a7e9fea8e2f1b3e29890f7c8797f2c44a7ee07f8d953642939132b859a730452e02e2a80216e80f
SSDEEP

49152:C/A911b0PiEF94uyc3ZZOHcJW/d9hmtR5v4zI5gp41pFAGhUqicFIRRR3TFU8cib:C/u1APiEwi3uJ/zAZVdhU8ITLGn4G5A

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 16 IoCs

pid	Process
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2228	2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe

C:\Users\Admin\AppData\Local\Temp\2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe
"C:\Users\Admin\AppData\Local\Temp\2eedec16ce007353f3356588b4fc389fca14a26301be0782db069dab4ef8162f.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
PID:2228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2228-1-0x000007FFFFBD0000-0x000007FFFFFA1000-memory.dmp

Filesize
3.8MB

Download
memory/2228-0-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-4-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-5-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-9-0x00000000772B0000-0x0000000077459000-memory.dmp

Filesize
1.7MB

Download
memory/2228-8-0x00000000772B0000-0x0000000077459000-memory.dmp

Filesize
1.7MB

Download
memory/2228-7-0x0000000077301000-0x0000000077302000-memory.dmp

Filesize
4KB

Download
memory/2228-3-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-2-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-6-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-10-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-11-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-12-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-13-0x000007FFFFBD0000-0x000007FFFFFA1000-memory.dmp

Filesize
3.8MB

Download
memory/2228-14-0x00000000772B0000-0x0000000077459000-memory.dmp

Filesize
1.7MB

Download
memory/2228-15-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-16-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-17-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-18-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-19-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-20-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-21-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-22-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-23-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-24-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-25-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download
memory/2228-26-0x000000013FDC0000-0x0000000141153000-memory.dmp

Filesize
19.6MB

Download