00e89eddc18f9bbc93c4c8b204ab3010bbb62a4f237a823e7926c4b1cec1067b

Analysis

max time kernel
142s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
12/07/2023, 08:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

00e89eddc18f9bbc93c4c8b20.exe
Size

1.5MB
MD5

12f58c6e8e6bc30e012b1463251e9c36
SHA1

6387600cc0187f8bfdb85000a9396a62a515521a
SHA256

00e89eddc18f9bbc93c4c8b204ab3010bbb62a4f237a823e7926c4b1cec1067b
SHA512

05cfc6f342c85c08d9b53f0c9bdf6ddb65a051fdb5b7ca4d3de94f5f33a1367b8eb1e9e7943022da8021ede73ce768947b8a699c1724836a55317900c7aa4904
SSDEEP

49152:TkQTASQ4VrxHhyT5ANpNTX5mPhpwnA+Cj:TaSXg4TAPhpwUj

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2088	00e89eddc18f9bbc93c4c8b20.exe
2088	00e89eddc18f9bbc93c4c8b20.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2088	00e89eddc18f9bbc93c4c8b20.exe

C:\Users\Admin\AppData\Local\Temp\00e89eddc18f9bbc93c4c8b20.exe
"C:\Users\Admin\AppData\Local\Temp\00e89eddc18f9bbc93c4c8b20.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2088

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2088-133-0x0000000005390000-0x0000000005934000-memory.dmp

Filesize
5.6MB

Download
memory/2088-134-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-135-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-137-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-139-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-141-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-143-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-145-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-148-0x00000000029B0000-0x00000000029C0000-memory.dmp

Filesize
64KB

Download
memory/2088-147-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-150-0x00000000029B0000-0x00000000029C0000-memory.dmp

Filesize
64KB

Download
memory/2088-152-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-151-0x00000000029B0000-0x00000000029C0000-memory.dmp

Filesize
64KB

Download
memory/2088-154-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-156-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-158-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-160-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-162-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-164-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-166-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-168-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-170-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-172-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-174-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-176-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-178-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-180-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-182-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-184-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-186-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-188-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-190-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-192-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-194-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-196-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-198-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-200-0x0000000004FB0000-0x0000000005191000-memory.dmp

Filesize
1.9MB

Download
memory/2088-965-0x00000000029B0000-0x00000000029C0000-memory.dmp

Filesize
64KB

Download
memory/2088-968-0x00000000029B0000-0x00000000029C0000-memory.dmp

Filesize
64KB

Download
memory/2088-967-0x00000000029B0000-0x00000000029C0000-memory.dmp

Filesize
64KB

Download
memory/2088-5468-0x0000000005BC0000-0x0000000005C52000-memory.dmp

Filesize
584KB

Download
memory/2088-5469-0x0000000005ED0000-0x0000000005EDA000-memory.dmp

Filesize
40KB

Download
memory/2088-5470-0x00000000029B0000-0x00000000029C0000-memory.dmp

Filesize
64KB

Download
memory/2088-5471-0x0000000002980000-0x0000000002981000-memory.dmp

Filesize
4KB

Download
memory/2088-5472-0x00000000029B0000-0x00000000029C0000-memory.dmp

Filesize
64KB

Download