Overview

overview

10

Static

static

10

c9b4a769c7...b4.exe

windows7-x64

1

c9b4a769c7...b4.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    151s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-08-2023 20:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c9b4a769c7d70a33fba8b23126a27a04c22c88ea0e449343407a236c0cf3beb4.exe

  • Size

    1.9MB

  • MD5

    4d2e543af8a08081382dfc1172399538

  • SHA1

    3102b982b8f2baba0291963dcd56b79d696a4e3d

  • SHA256

    c9b4a769c7d70a33fba8b23126a27a04c22c88ea0e449343407a236c0cf3beb4

  • SHA512

    6c0ea9a82ed651bc582ae60e70399c2ecfc44a834b4ab71b1eebe6e9ea4f415a7b27a929e37f09b687973f7d0e8af1bea1a75cb856de533886c0a0fbe548fc91

  • SSDEEP

    49152:U7gmLRegEdJScgtyOyUO5/DKpFXT5Xm9Bn1w4:U7vC+y7EpFD5S17

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c9b4a769c7d70a33fba8b23126a27a04c22c88ea0e449343407a236c0cf3beb4.exe
    "C:\Users\Admin\AppData\Local\Temp\c9b4a769c7d70a33fba8b23126a27a04c22c88ea0e449343407a236c0cf3beb4.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1216

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1216-133-0x00007FF92CBA0000-0x00007FF92D661000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1216-134-0x0000021C75680000-0x0000021C75690000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1216-135-0x0000021C75680000-0x0000021C75690000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1216-136-0x0000021C75680000-0x0000021C75690000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1216-137-0x0000021C75680000-0x0000021C75690000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1216-138-0x0000021C7A7F0000-0x0000021C7A7F8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1216-139-0x0000021C7AE90000-0x0000021C7AEC8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/1216-140-0x0000021C7A810000-0x0000021C7A81E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/1216-144-0x00007FF92CBA0000-0x00007FF92D661000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1216-151-0x0000021C75680000-0x0000021C75690000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1216-152-0x0000021C75680000-0x0000021C75690000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1216-156-0x0000021C75680000-0x0000021C75690000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1216-157-0x0000021C75680000-0x0000021C75690000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1216-158-0x0000021C75680000-0x0000021C75690000-memory.dmp

    Filesize

    64KB

    Download