Overview

overview

10

Static

static

d29e737052...ae.exe

windows7-x64

10

d29e737052...ae.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/01/2023, 14:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d29e7370523acf946fcd44de6ad798ae.exe

  • Size

    453KB

  • MD5

    d29e7370523acf946fcd44de6ad798ae

  • SHA1

    d565099dc78d5131f55c33016f526a2c6fabbca1

  • SHA256

    316f83b02f7a0cc10acedea57ca955a9fd514e6756e7a06bf7f397b4d6d35dd3

  • SHA512

    1c367b9a8f224308afcf1ba005476c5c8482ed4c667d3c5e8fd33518289e14fb8b6e2748f58ce10c412ba6b575fe4b350ed84affcf80ec0fd02a4a828162443b

  • SSDEEP

    12288:l5c8k/8f+0rMx9wZzUZ4UxGp68cS0NtMgO++g:lBkgYx9lZSpL10NWc+

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d29e7370523acf946fcd44de6ad798ae.exe
    "C:\Users\Admin\AppData\Local\Temp\d29e7370523acf946fcd44de6ad798ae.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4088

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4088-132-0x000000000323D000-0x000000000326B000-memory.dmp

          Filesize

          184KB

          Download

        • memory/4088-133-0x00000000031A0000-0x00000000031EB000-memory.dmp

          Filesize

          300KB

          Download

        • memory/4088-134-0x0000000007840000-0x0000000007DE4000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/4088-135-0x0000000000400000-0x0000000003034000-memory.dmp

          Filesize

          44.2MB

          Download

        • memory/4088-136-0x0000000007DF0000-0x0000000008408000-memory.dmp

          Filesize

          6.1MB

          Download

        • memory/4088-137-0x00000000076F0000-0x00000000077FA000-memory.dmp

          Filesize

          1.0MB

          Download

        • memory/4088-138-0x0000000008410000-0x0000000008422000-memory.dmp

          Filesize

          72KB

          Download

        • memory/4088-139-0x0000000008430000-0x000000000846C000-memory.dmp

          Filesize

          240KB

          Download

        • memory/4088-140-0x000000000323D000-0x000000000326B000-memory.dmp

          Filesize

          184KB

          Download

        • memory/4088-141-0x0000000000400000-0x0000000003034000-memory.dmp

          Filesize

          44.2MB

          Download