Overview

overview

10

Static

static

10

d129520135...1d.exe

windows7-x64

1

d129520135...1d.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    135s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-08-2023 15:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d129520135c54dd3015d71d360644eb9039816f28247121ed0b7cc936c501a1d.exe

  • Size

    1.3MB

  • MD5

    f180d7b144a59e1fd73a8578e63176b3

  • SHA1

    493b065da48048796e9d5fdcb8571c0e0f8bdc40

  • SHA256

    d129520135c54dd3015d71d360644eb9039816f28247121ed0b7cc936c501a1d

  • SHA512

    ea3b17ee18fcb16e404ff6802473fae9633bacd59ec670e9c9e64eea3982d7a6ac0b16cc56fb2be75b9916c7062f699f94393bccbeda89c93262c30948990b67

  • SSDEEP

    24576:5nZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ52ZLLO8ZWxTMdrt1lc9bCozO6ZeKU3s9:vZZZZZZZZZZZZZZZZZZZZZZZZZZZZYLE

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d129520135c54dd3015d71d360644eb9039816f28247121ed0b7cc936c501a1d.exe
    "C:\Users\Admin\AppData\Local\Temp\d129520135c54dd3015d71d360644eb9039816f28247121ed0b7cc936c501a1d.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4612

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4612-133-0x00007FFDBF9E0000-0x00007FFDC04A1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4612-134-0x000001C4BE980000-0x000001C4BE990000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4612-135-0x000001C4BE980000-0x000001C4BE990000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4612-136-0x000001C4BE980000-0x000001C4BE990000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4612-137-0x000001C4BE980000-0x000001C4BE990000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4612-138-0x000001C4DCCC0000-0x000001C4DCCC8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4612-139-0x000001C4DCD40000-0x000001C4DCD78000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4612-140-0x000001C4DCD10000-0x000001C4DCD1E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4612-153-0x00007FFDBF9E0000-0x00007FFDC04A1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4612-154-0x000001C4BE980000-0x000001C4BE990000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4612-155-0x000001C4BE980000-0x000001C4BE990000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4612-156-0x000001C4BE980000-0x000001C4BE990000-memory.dmp

    Filesize

    64KB

    Download