Overview

overview

10

Static

static

10

6ff8b5a63d...12.exe

windows7-x64

1

6ff8b5a63d...12.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-08-2023 10:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6ff8b5a63d73317d667c59a8797fc05a4bc3c16ff8bf54fc2c4909358a1ec312.exe

  • Size

    1.7MB

  • MD5

    a642980d7ff579f6063f01bcb1810244

  • SHA1

    3e409aaabef56963b79a9949a12aea085aec6014

  • SHA256

    6ff8b5a63d73317d667c59a8797fc05a4bc3c16ff8bf54fc2c4909358a1ec312

  • SHA512

    fbd944bce9bc0d1a88dd2c792f5cf88feb2e3670eb51d444f8f847c5b645210bee3759ebbc2df3c74c5316bffbe2277b497bee37e0eb44d328a642bfcc53a9c7

  • SSDEEP

    24576:8gvzrVShBLSQbOr5fc80YhUwr3+xzXN11CJ7ioARMdzNTMLBjOovG+DSVXT5Xgs3:8grSwD+xzN1E5mUzN8GXT5XgsVT1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6ff8b5a63d73317d667c59a8797fc05a4bc3c16ff8bf54fc2c4909358a1ec312.exe
    "C:\Users\Admin\AppData\Local\Temp\6ff8b5a63d73317d667c59a8797fc05a4bc3c16ff8bf54fc2c4909358a1ec312.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3720-133-0x00007FFB0BE80000-0x00007FFB0C941000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3720-134-0x000002444FC30000-0x000002444FC40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3720-135-0x000002444FC30000-0x000002444FC40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3720-136-0x000002444FC30000-0x000002444FC40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3720-137-0x000002444FC30000-0x000002444FC40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3720-138-0x0000024455670000-0x0000024455678000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3720-139-0x00000244556F0000-0x0000024455728000-memory.dmp

    Filesize

    224KB

    Download

  • memory/3720-140-0x00000244556C0000-0x00000244556CE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/3720-153-0x00007FFB0BE80000-0x00007FFB0C941000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3720-154-0x000002444FC30000-0x000002444FC40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3720-155-0x000002444FC30000-0x000002444FC40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3720-156-0x000002444FC30000-0x000002444FC40000-memory.dmp

    Filesize

    64KB

    Download