Overview

overview

10

Static

static

3

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/07/2023, 11:36

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    file.exe

  • Size

    370KB

  • MD5

    1d80e5634d29e6928932d75d1cf9ffd0

  • SHA1

    bff485f59dcd63bdc96f986f40163ad54e379ab3

  • SHA256

    43f44d1e80d8421ea6b06c309585a81034992d4fd2b4135c199ddbcbbf4e9495

  • SHA512

    b93523c96f65986b865e26225979d9120fb821c83a7220aaf08bf14ce1b0facb4966d326d18c6af747c8198015447c523e2f83e26c5bbb6561fbe3979f6c2d6c

  • SSDEEP

    6144:PqHNLVM/Dp1B+YOU732IMBjLDFv6Vd56fsT:StBM/DpfY7d96ofU

Score
7/10
discoveryspywarestealer

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\file.exe
    "C:\Users\Admin\AppData\Local\Temp\file.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3756

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/3756-134-0x0000000004BD0000-0x0000000005174000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/3756-135-0x0000000000400000-0x000000000049F000-memory.dmp

          Filesize

          636KB

          Download

        • memory/3756-137-0x00000000024F0000-0x0000000002500000-memory.dmp

          Filesize

          64KB

          Download

        • memory/3756-136-0x0000000000560000-0x000000000059D000-memory.dmp

          Filesize

          244KB

          Download

        • memory/3756-139-0x00000000051B0000-0x00000000057C8000-memory.dmp

          Filesize

          6.1MB

          Download

        • memory/3756-138-0x00000000024F0000-0x0000000002500000-memory.dmp

          Filesize

          64KB

          Download

        • memory/3756-140-0x0000000005810000-0x0000000005822000-memory.dmp

          Filesize

          72KB

          Download

        • memory/3756-141-0x0000000005830000-0x000000000593A000-memory.dmp

          Filesize

          1.0MB

          Download

        • memory/3756-142-0x0000000005940000-0x000000000597C000-memory.dmp

          Filesize

          240KB

          Download

        • memory/3756-143-0x00000000024F0000-0x0000000002500000-memory.dmp

          Filesize

          64KB

          Download

        • memory/3756-144-0x0000000005C50000-0x0000000005CB6000-memory.dmp

          Filesize

          408KB

          Download

        • memory/3756-145-0x0000000006350000-0x00000000063E2000-memory.dmp

          Filesize

          584KB

          Download

        • memory/3756-146-0x00000000063F0000-0x0000000006466000-memory.dmp

          Filesize

          472KB

          Download

        • memory/3756-147-0x00000000064B0000-0x0000000006672000-memory.dmp

          Filesize

          1.8MB

          Download

        • memory/3756-148-0x0000000006690000-0x0000000006BBC000-memory.dmp

          Filesize

          5.2MB

          Download

        • memory/3756-149-0x0000000006CC0000-0x0000000006CDE000-memory.dmp

          Filesize

          120KB

          Download

        • memory/3756-151-0x0000000000400000-0x000000000049F000-memory.dmp

          Filesize

          636KB

          Download