e34a0063d848b70dc26b96c8cf5fde9893de312c93de2fe8aaa08fcac01724cf

Analysis

max time kernel
142s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
18/07/2023, 09:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e34a0063d848b70dc26b96c8cf5fde9893de312c93de2fe8aaa08fcac01724cf.exe
Size

5.9MB
MD5

5d96a209d067c1dbba91eaf4926c966d
SHA1

ed75224ddc8fc1818e3ae8c64a342c6ecf8c4cdc
SHA256

e34a0063d848b70dc26b96c8cf5fde9893de312c93de2fe8aaa08fcac01724cf
SHA512

5fbed9ec1b8c920e4bdf8351c15ed40fef21ef3b54bd44d7bcd9a6a7f7c283ac6dcc9a4406d43ef19539746552b0f8c8b6217ddf2e4f2ed7dc9a6ee04d981a39
SSDEEP

98304:oVzp5s5j2aDKHeeDuZehYPr/SoxJTFuJpZ2JqLK+/V7SUNB+R9QZbA4KKKTc:29Cl2aDKHFha//FuJZL5NNB+R9oAfKZ

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4960	e34a0063d848b70dc26b96c8cf5fde9893de312c93de2fe8aaa08fcac01724cf.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	3700	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3700	AUDIODG.EXE

C:\Users\Admin\AppData\Local\Temp\e34a0063d848b70dc26b96c8cf5fde9893de312c93de2fe8aaa08fcac01724cf.exe
"C:\Users\Admin\AppData\Local\Temp\e34a0063d848b70dc26b96c8cf5fde9893de312c93de2fe8aaa08fcac01724cf.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:4960

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x490 0x2ec
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4960-133-0x00000000007A0000-0x00000000007A1000-memory.dmp

Filesize
4KB

Download
memory/4960-134-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-135-0x00000000007A0000-0x00000000007A1000-memory.dmp

Filesize
4KB

Download
memory/4960-136-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-137-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-138-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-139-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-140-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-141-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-142-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-143-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-144-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-145-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-146-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-147-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/4960-148-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads