c9cc5ad5b497e4b3c93f7708a4a930dc969b4ee4d3408848b818ab32dcf7b5fb

Resubmissions

02/08/2024, 22:18

240802-178gfsxepa 5

02/08/2024, 22:15

240802-16bfbsxdra 6

Analysis

max time kernel
102s
max time network
16s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
02/08/2024, 22:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Prism Loader.exe
Size

12.0MB
MD5

219aec1f47aa31c565d6eb1c986f479d
SHA1

94fdce9086e955b6b7308b9403a0c05cf9d94bd1
SHA256

c9cc5ad5b497e4b3c93f7708a4a930dc969b4ee4d3408848b818ab32dcf7b5fb
SHA512

77142e6901e157f7931e7b73a107fd90ab433f2bb523cf07a37b59c1511e2b6137ae8e83903dc4c1ff381377c70120faa853e0f7c4bf75a71d9566fdf0254c43
SSDEEP

196608:m5Wv/A6YwfkZQA4LchEGyHJ594kkJH9OczI5L8Ywt6XVKIdqCWx3c1:nNsGbGyp593ck0QKIdSBc

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

pid	Process
2540	Prism Loader.exe
2540	Prism Loader.exe

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2540	Prism Loader.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2540	Prism Loader.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2540	Prism Loader.exe

C:\Users\Admin\AppData\Local\Temp\Prism Loader.exe
"C:\Users\Admin\AppData\Local\Temp\Prism Loader.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2540

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2540-0-0x000000013FDC5000-0x0000000140559000-memory.dmp

Filesize
7.6MB

Download
memory/2540-3-0x00000000776D0000-0x00000000776D2000-memory.dmp

Filesize
8KB

Download
memory/2540-5-0x00000000776D0000-0x00000000776D2000-memory.dmp

Filesize
8KB

Download
memory/2540-1-0x00000000776D0000-0x00000000776D2000-memory.dmp

Filesize
8KB

Download
memory/2540-6-0x00000000776E0000-0x00000000776E2000-memory.dmp

Filesize
8KB

Download
memory/2540-8-0x00000000776E0000-0x00000000776E2000-memory.dmp

Filesize
8KB

Download
memory/2540-10-0x00000000776E0000-0x00000000776E2000-memory.dmp

Filesize
8KB

Download
memory/2540-13-0x0000000077700000-0x0000000077702000-memory.dmp

Filesize
8KB

Download
memory/2540-20-0x0000000077710000-0x0000000077712000-memory.dmp

Filesize
8KB

Download
memory/2540-35-0x0000000077740000-0x0000000077742000-memory.dmp

Filesize
8KB

Download
memory/2540-50-0x0000000077770000-0x0000000077772000-memory.dmp

Filesize
8KB

Download
memory/2540-63-0x00000000777A0000-0x00000000777A2000-memory.dmp

Filesize
8KB

Download
memory/2540-66-0x000000013FD70000-0x0000000141161000-memory.dmp

Filesize
19.9MB

Download
memory/2540-61-0x00000000777A0000-0x00000000777A2000-memory.dmp

Filesize
8KB

Download
memory/2540-60-0x0000000077790000-0x0000000077792000-memory.dmp

Filesize
8KB

Download
memory/2540-58-0x0000000077790000-0x0000000077792000-memory.dmp

Filesize
8KB

Download
memory/2540-56-0x0000000077790000-0x0000000077792000-memory.dmp

Filesize
8KB

Download
memory/2540-55-0x0000000077780000-0x0000000077782000-memory.dmp

Filesize
8KB

Download
memory/2540-53-0x0000000077780000-0x0000000077782000-memory.dmp

Filesize
8KB

Download
memory/2540-51-0x0000000077780000-0x0000000077782000-memory.dmp

Filesize
8KB

Download
memory/2540-48-0x0000000077770000-0x0000000077772000-memory.dmp

Filesize
8KB

Download
memory/2540-46-0x0000000077770000-0x0000000077772000-memory.dmp

Filesize
8KB

Download
memory/2540-45-0x0000000077760000-0x0000000077762000-memory.dmp

Filesize
8KB

Download
memory/2540-43-0x0000000077760000-0x0000000077762000-memory.dmp

Filesize
8KB

Download
memory/2540-41-0x0000000077760000-0x0000000077762000-memory.dmp

Filesize
8KB

Download
memory/2540-40-0x0000000077750000-0x0000000077752000-memory.dmp

Filesize
8KB

Download
memory/2540-38-0x0000000077750000-0x0000000077752000-memory.dmp

Filesize
8KB

Download
memory/2540-36-0x0000000077750000-0x0000000077752000-memory.dmp

Filesize
8KB

Download
memory/2540-33-0x0000000077740000-0x0000000077742000-memory.dmp

Filesize
8KB

Download
memory/2540-31-0x0000000077740000-0x0000000077742000-memory.dmp

Filesize
8KB

Download
memory/2540-30-0x0000000077730000-0x0000000077732000-memory.dmp

Filesize
8KB

Download
memory/2540-28-0x0000000077730000-0x0000000077732000-memory.dmp

Filesize
8KB

Download
memory/2540-26-0x0000000077730000-0x0000000077732000-memory.dmp

Filesize
8KB

Download
memory/2540-25-0x0000000077720000-0x0000000077722000-memory.dmp

Filesize
8KB

Download
memory/2540-23-0x0000000077720000-0x0000000077722000-memory.dmp

Filesize
8KB

Download
memory/2540-21-0x0000000077720000-0x0000000077722000-memory.dmp

Filesize
8KB

Download
memory/2540-18-0x0000000077710000-0x0000000077712000-memory.dmp

Filesize
8KB

Download
memory/2540-107-0x000000013FD70000-0x0000000141161000-memory.dmp

Filesize
19.9MB

Download
memory/2540-16-0x0000000077710000-0x0000000077712000-memory.dmp

Filesize
8KB

Download
memory/2540-15-0x0000000077700000-0x0000000077702000-memory.dmp

Filesize
8KB

Download
memory/2540-11-0x0000000077700000-0x0000000077702000-memory.dmp

Filesize
8KB

Download
memory/2540-114-0x000000013FD70000-0x0000000141161000-memory.dmp

Filesize
19.9MB

Download
memory/2540-118-0x000000013FDC5000-0x0000000140559000-memory.dmp

Filesize
7.6MB

Download