Overview

overview

10

Static

static

10

4fdf05e794...23.exe

windows7-x64

1

4fdf05e794...23.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-08-2023 01:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4fdf05e7943e04b71ccb153b23c2e0e844e189fc6005ddf4d5ff187246d3f523.exe

  • Size

    1.6MB

  • MD5

    4325a5c46302fa53f0cff5ae18f31e87

  • SHA1

    ae6660d97e019017f1a6783e440b7b892b443b97

  • SHA256

    4fdf05e7943e04b71ccb153b23c2e0e844e189fc6005ddf4d5ff187246d3f523

  • SHA512

    90c9ff0e1e31bfa4210d844bd55649ca7096bc7ca78c5f3d01a4f3911eab26fb84e68fedd5e74bf8ff0187ffc80c15c9c0055d95522f7111f37cb944b7bf09fa

  • SSDEEP

    24576:VeOCnoITBKtKUFIb99eESRh0ME23JMKOuTlyLoA6D6IVPx7JDSVXT5XOt4eSyaR:Vmy0V2ZMKOYb1PxKXT5Xug1R

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4fdf05e7943e04b71ccb153b23c2e0e844e189fc6005ddf4d5ff187246d3f523.exe
    "C:\Users\Admin\AppData\Local\Temp\4fdf05e7943e04b71ccb153b23c2e0e844e189fc6005ddf4d5ff187246d3f523.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3152

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3152-0-0x00007FF8BF3F0000-0x00007FF8BFEB1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3152-1-0x000001E056950000-0x000001E056960000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3152-2-0x000001E056950000-0x000001E056960000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3152-3-0x000001E056950000-0x000001E056960000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3152-4-0x000001E056940000-0x000001E056948000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3152-5-0x000001E05C1B0000-0x000001E05C1E8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/3152-6-0x000001E05C180000-0x000001E05C18E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/3152-19-0x00007FF8BF3F0000-0x00007FF8BFEB1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3152-20-0x000001E056950000-0x000001E056960000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3152-21-0x000001E056950000-0x000001E056960000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3152-22-0x000001E056950000-0x000001E056960000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3152-23-0x000001E056950000-0x000001E056960000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3152-24-0x000001E056950000-0x000001E056960000-memory.dmp

    Filesize

    64KB

    Download