Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

C:\Users\user\Desktop\HyperThread.exe

"C:\Users\user\Desktop\HyperThread.exe"

Details

Is windows:	false
Is dropped:	false
PID:	380
Target ID:	0
Parent PID:	1028
Name:	HyperThread.exe
Path:	C:\Users\user\Desktop\HyperThread.exe
Commandline:	"C:\Users\user\Desktop\HyperThread.exe"
Size:	15065600
MD5:	70BC375F74CC6E005C1CB7F4AC1CFB63
Time:	08:16:01
Date:	19/04/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff69f630000
Modulesize:	26263552
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Multi AV Scanner detection for submitted file	AV Detection
Machine Learning detection for sample	AV Detection
PE file contains section with special chars	System Summary
PE file contains sections with non-standard names	Data Obfuscation
Sample is known by Antivirus	System Summary
Contains modern PE file flags such as dynamic base (ASLR) or NX	Compliance, System Summary
PE file has a big raw section	System Summary
PE file has a big code size	System Summary
PE file has a high image base, often used for DLLs	System Summary
Submission file is bigger than most known malware samples	System Summary

Memdumps

Base Address

Regiontype

Protect

Malicious

7FF69F630000

unkown

page readonly

7FF6A0ADD000

unkown

page execute read

7FF6A0F3A000

unkown

page readonly

7FF6A00DB000

unkown

page write copy

7FF6A00DD000

unkown

page execute read

2AB76980000

heap

page read and write

C4710FC000

stack

page read and write

7FF6A00DB000

unkown

page read and write

7FF6A0ADD000

unkown

page execute read

2AB769CB000

heap

page read and write

C4711FD000

stack

page read and write

7FF6A0F3A000

unkown

page readonly

2AB769C0000

heap

page read and write

7FF69F630000

unkown

page readonly

2AB76990000

heap

page read and write

7FF6A00DD000

unkown

page execute read

There are 6 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
HyperThread.exe

Processes

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportHyperThread.exe

Processes

Memdumps

IOC Report
HyperThread.exe