Overview

overview

5

Static

static

3

Yvcy6xVFyV...1).exe

windows7-x64

5

Yvcy6xVFyV...1).exe

windows10-2004-x64

5

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    27/07/2024, 08:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Yvcy6xVFyVa7CNFx (1).exe

  • Size

    12.5MB

  • MD5

    6dcafe205c42486ea9100ecc7b783e19

  • SHA1

    a0e9937036cdbaa7a928418c67a11cd2cdc48842

  • SHA256

    e3b7264fa3bf1b63853726decbf86bbabb7704359b4bee9639120e6929e10def

  • SHA512

    8385cbd582cc4fef9cdbbcdb66411c4c42f32405945fdf215bb6cf2f943425f969f00ece0a2eb92153672839e5bfb61dd59ead5089c54444fb2c26881b778a0c

  • SSDEEP

    196608:ugDy7lLb2gpkYaFlBN+46/e8wS93L55Pd0tSHWt0Z6bd1p6ArTmRUb:ugy32gGFlz+4meTS9WWY0iJeU

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Yvcy6xVFyVa7CNFx (1).exe
    "C:\Users\Admin\AppData\Local\Temp\Yvcy6xVFyVa7CNFx (1).exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:2228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2228-0-0x000000013FA5F000-0x00000001401AF000-memory.dmp

    Filesize

    7.3MB

    Download

  • memory/2228-1-0x0000000077480000-0x0000000077482000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2228-3-0x0000000077480000-0x0000000077482000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2228-5-0x0000000077480000-0x0000000077482000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2228-10-0x0000000077490000-0x0000000077492000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2228-8-0x0000000077490000-0x0000000077492000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2228-6-0x0000000077490000-0x0000000077492000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2228-15-0x000000013F9A0000-0x0000000140E2B000-memory.dmp

    Filesize

    20.5MB

    Download

  • memory/2228-16-0x000000013F9A0000-0x0000000140E2B000-memory.dmp

    Filesize

    20.5MB

    Download

  • memory/2228-17-0x000000013FA5F000-0x00000001401AF000-memory.dmp

    Filesize

    7.3MB

    Download