Overview

overview

10

Static

static

10

6647388fed...84.exe

windows7-x64

1

6647388fed...84.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-08-2023 13:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6647388fed3b5c865150b6c973a51efb3a3ae797c118c4af6fbaf54f883f8f84.exe

  • Size

    1.2MB

  • MD5

    fb871e918893dd52b01c286e2f023b69

  • SHA1

    f88cfcddbe302a924b7cdc8c7abd436c6ce8fbcb

  • SHA256

    6647388fed3b5c865150b6c973a51efb3a3ae797c118c4af6fbaf54f883f8f84

  • SHA512

    b72cc00d3b434e9261de9f9b2c91eba53de5143f6a118eef2f45bec4951d4d2cc6630d22c357896be4d6149eba878238cdcf7d9d0a2a54f1ee98e5cac80cbf5a

  • SSDEEP

    24576:mcXuWUdydPxg4lF1uZO9JBnsf/wkmOILyahDSVXT5X:mAU4/gmFYsrkmz1GXT5X

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6647388fed3b5c865150b6c973a51efb3a3ae797c118c4af6fbaf54f883f8f84.exe
    "C:\Users\Admin\AppData\Local\Temp\6647388fed3b5c865150b6c973a51efb3a3ae797c118c4af6fbaf54f883f8f84.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:980

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/980-133-0x00007FFB9FBE0000-0x00007FFBA06A1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/980-134-0x000002127A930000-0x000002127A940000-memory.dmp

    Filesize

    64KB

    Download

  • memory/980-135-0x000002127A930000-0x000002127A940000-memory.dmp

    Filesize

    64KB

    Download

  • memory/980-136-0x000002127A930000-0x000002127A940000-memory.dmp

    Filesize

    64KB

    Download

  • memory/980-137-0x000002127A930000-0x000002127A940000-memory.dmp

    Filesize

    64KB

    Download

  • memory/980-138-0x000002127E610000-0x000002127E618000-memory.dmp

    Filesize

    32KB

    Download

  • memory/980-139-0x000002127EC80000-0x000002127ECB8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/980-140-0x000002127E620000-0x000002127E62E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/980-153-0x00007FFB9FBE0000-0x00007FFBA06A1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/980-154-0x000002127A930000-0x000002127A940000-memory.dmp

    Filesize

    64KB

    Download

  • memory/980-155-0x000002127A930000-0x000002127A940000-memory.dmp

    Filesize

    64KB

    Download

  • memory/980-156-0x000002127A930000-0x000002127A940000-memory.dmp

    Filesize

    64KB

    Download

  • memory/980-157-0x000002127A930000-0x000002127A940000-memory.dmp

    Filesize

    64KB

    Download