Overview

overview

10

Static

static

10

jsFhhfngkaDj.exe

windows7-x64

1

jsFhhfngkaDj.exe

windows10-2004-x64

1

Resubmissions

15-10-2023 11:37

231015-nrgycaha22 10

24-07-2023 15:22

230724-ssamwaeh63 10

24-07-2023 14:56

230724-sa2zeaee77 10

24-07-2023 14:55

230724-sajg3aee68 10

24-07-2023 14:49

230724-r64bnsed95 10

13-03-2023 12:39

230313-pvx96scd7x 10

Analysis

  • max time kernel
    142s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-07-2023 14:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jsFhhfngkaDj.exe

  • Size

    936KB

  • MD5

    8bd774fbc6f846992abda69ddabc3fb7

  • SHA1

    a6e940b1bd92864b742fbd5ed9b2ef763d788ea7

  • SHA256

    a9741b16f4169f56ae0f2e49c87f3c5360ed5ab4370e6d16bd86179999f11795

  • SHA512

    037c1f895d3bb44e5f37abec7202325639d6414cab71df88663b573a04a5f8d9cd3f5939fdcfdec995cec35f6e3ed2f905b78270522ffdd98f7e2a93106d6480

  • SSDEEP

    24576:zw71/dET5/y1ufQfvDN3y60HyOci+MIjxnGxs:Q1FWq1ufwrVy60HWMIVGK

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\jsFhhfngkaDj.exe
    C:\Users\Admin\AppData\Local\Temp\jsFhhfngkaDj.exe runrun
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2396
  • C:\Windows\system32\rundll32.exe
    "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
    1⤵
      PID:4640
    • C:\Windows\System32\svchost.exe
      C:\Windows\System32\svchost.exe -k UnistackSvcGroup
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:1376

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
      Filesize

      16KB

      MD5

      ae8c24f052cabbabc36354b0278aab85

      SHA1

      1469a6649b2432a8dfd24b30c6bb0ab039cb092a

      SHA256

      ff3ff10d2aa213d6f996ffe7b2daa3b17a3d93049dcb80f5aabd0c028ecf3f00

      SHA512

      fec42d985413bd891e8b009e0666aadfd3ef395280cead0de6e56120f79ab112c043240321ae122c5018b00fcbf76af5c96b2c50047baf88b10fca1478ea6e1d

      Download Submit

    • memory/1376-177-0x00000222704A0000-0x00000222704A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-170-0x00000222704A0000-0x00000222704A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-179-0x00000222704A0000-0x00000222704A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-171-0x00000222704A0000-0x00000222704A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-172-0x00000222704A0000-0x00000222704A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-173-0x00000222704A0000-0x00000222704A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-174-0x00000222704A0000-0x00000222704A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-175-0x00000222704A0000-0x00000222704A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-180-0x00000222700D0000-0x00000222700D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-137-0x0000022267D90000-0x0000022267DA0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1376-205-0x0000022270320000-0x0000022270321000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-169-0x0000022270480000-0x0000022270481000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-176-0x00000222704A0000-0x00000222704A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-181-0x00000222700C0000-0x00000222700C1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-183-0x00000222700D0000-0x00000222700D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-186-0x00000222700C0000-0x00000222700C1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-189-0x0000022270000000-0x0000022270001000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-153-0x0000022267E90000-0x0000022267EA0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1376-201-0x0000022270200000-0x0000022270201000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-203-0x0000022270210000-0x0000022270211000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-204-0x0000022270210000-0x0000022270211000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1376-178-0x00000222704A0000-0x00000222704A1000-memory.dmp

      Filesize

      4KB

      Download