Overview

overview

6

Static

static

1

Latite_Minimal.exe

windows7-x64

6

Latite_Minimal.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    59s
  • max time network
    53s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    02/04/2023, 11:20

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Latite_Minimal.exe

  • Size

    38KB

  • MD5

    e8ebc4bfe01fdd275f2079e283266e00

  • SHA1

    fc583143a460e3cc0ce588ce2bfb66161c9b7ee2

  • SHA256

    09a413102826c05d1eb8acf9d81ac0a2a5cce88465b3ec4b2711c2ec4a66f2fc

  • SHA512

    c8fe0bb048568f19b923fc1681dff02509440777a473d56866c6fc2b84c14689ea944db185558c926889274e4e03a37196982b23a0f268f49ebd5def4cfa8114

  • SSDEEP

    768:oLeESTrpRjCmtSk3PH4mtbFzRbhiBea3qhxqxjyPCM:oLeESTrL+SSwPHbtboqhnCM

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Latite_Minimal.exe
    "C:\Users\Admin\AppData\Local\Temp\Latite_Minimal.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1204
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x4bc
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:896

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1204-54-0x0000000000A10000-0x0000000000A1E000-memory.dmp

          Filesize

          56KB

          Download

        • memory/1204-55-0x000000001AD20000-0x000000001ADA0000-memory.dmp

          Filesize

          512KB

          Download