Overview

overview

5

Static

static

3

balastru2.exe

windows7-x64

5

balastru2.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    34s
  • max time network
    35s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-09-2024 01:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    balastru2.exe

  • Size

    7.3MB

  • MD5

    a6a8d1d543e338cf5739a066f1ccb988

  • SHA1

    375b231a09016faaeb46770d96678c74697778ec

  • SHA256

    9ddef5f098a2d2655f59a875b129ebfa1aa5fefa37bc4590daba4814df99c11b

  • SHA512

    7ceb91d9bdec73e6ab3a894e3724facab3f2af41de60c3550c9dbbb593c71d1f9cf16451caf1c542da327bb90e6e7eb518a043ad2a7b275835bac3f3a917502a

  • SSDEEP

    196608:mLfAjVdrugdQZC4sry14NxQX2gp5vYQrb4lXjBhazs:q4rQZC4KleplYQrmf

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\balastru2.exe
    "C:\Users\Admin\AppData\Local\Temp\balastru2.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/116-0-0x00007FF7C9871000-0x00007FF7C9F99000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/116-1-0x00007FFAC9450000-0x00007FFAC9452000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-4-0x00007FFAC9470000-0x00007FFAC9472000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-5-0x00007FFAC9480000-0x00007FFAC9482000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-18-0x00007FFAC9540000-0x00007FFAC9542000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-17-0x00007FFAC9530000-0x00007FFAC9532000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-16-0x00007FF7C9800000-0x00007FF7CA6EA000-memory.dmp

    Filesize

    14.9MB

    Download

  • memory/116-15-0x00007FFAC9520000-0x00007FFAC9522000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-14-0x00007FFAC9510000-0x00007FFAC9512000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-13-0x00007FFAC9500000-0x00007FFAC9502000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-12-0x00007FFAC94F0000-0x00007FFAC94F2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-11-0x00007FFAC94E0000-0x00007FFAC94E2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-10-0x00007FFAC94D0000-0x00007FFAC94D2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-9-0x00007FFAC94C0000-0x00007FFAC94C2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-3-0x00007FFAC9460000-0x00007FFAC9462000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-8-0x00007FFAC94B0000-0x00007FFAC94B2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-7-0x00007FFAC94A0000-0x00007FFAC94A2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-6-0x00007FFAC9490000-0x00007FFAC9492000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-2-0x00007FF7C9800000-0x00007FF7CA6EA000-memory.dmp

    Filesize

    14.9MB

    Download

  • memory/116-21-0x00007FFAC9570000-0x00007FFAC9572000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-20-0x00007FFAC9560000-0x00007FFAC9562000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-23-0x00007FFAC9590000-0x00007FFAC9592000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-22-0x00007FFAC9580000-0x00007FFAC9582000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-19-0x00007FFAC9550000-0x00007FFAC9552000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-24-0x000001A167BE0000-0x000001A167C6D000-memory.dmp

    Filesize

    564KB

    Download

  • memory/116-38-0x000001A166330000-0x000001A16633C000-memory.dmp

    Filesize

    48KB

    Download

  • memory/116-46-0x000001A166330000-0x000001A16633C000-memory.dmp

    Filesize

    48KB

    Download

  • memory/116-45-0x000001A167BE0000-0x000001A167C6D000-memory.dmp

    Filesize

    564KB

    Download

  • memory/116-44-0x000001A167C90000-0x000001A167CAE000-memory.dmp

    Filesize

    120KB

    Download

  • memory/116-30-0x000001A167C90000-0x000001A167CAE000-memory.dmp

    Filesize

    120KB

    Download

  • memory/116-47-0x00007FF7C9800000-0x00007FF7CA6EA000-memory.dmp

    Filesize

    14.9MB

    Download

  • memory/116-50-0x00007FF7C9871000-0x00007FF7C9F99000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/116-51-0x00007FF7C9800000-0x00007FF7CA6EA000-memory.dmp

    Filesize

    14.9MB

    Download