Overview

overview

10

Static

static

10

ce666efb57...29.exe

windows7-x64

1

ce666efb57...29.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230831-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230831-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-09-2023 08:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ce666efb57b88a3d1c61261702d14b8c9089eae60cc639249dcf21525b96f029.exe

  • Size

    1.6MB

  • MD5

    8894ab00ce358d4dae761b0bd0abc9b0

  • SHA1

    09e6b38161b83a6fd1fbe08b318073646c1b8db4

  • SHA256

    ce666efb57b88a3d1c61261702d14b8c9089eae60cc639249dcf21525b96f029

  • SHA512

    56f90dbc391644d0ace1bdcc259c4d74f4dcc0e3c470c31e97469b672fae9d09871709d8f6807316e4bdfb4252e599b95d47d0f87bcc91b23960b6f08dc27411

  • SSDEEP

    24576:a2mPOhT3boCHHjBu/L2Db91I+ZR5i2gLYj+OksJ+DSVXT5XUiMDCtmya:a2mmhTcCnFuj2DTI+QLe+OZXT5XqGg1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ce666efb57b88a3d1c61261702d14b8c9089eae60cc639249dcf21525b96f029.exe
    "C:\Users\Admin\AppData\Local\Temp\ce666efb57b88a3d1c61261702d14b8c9089eae60cc639249dcf21525b96f029.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:5028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5028-0-0x00007FFAD40E0000-0x00007FFAD4BA1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/5028-1-0x000001D751780000-0x000001D751790000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5028-2-0x000001D751780000-0x000001D751790000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5028-3-0x000001D751780000-0x000001D751790000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5028-4-0x000001D751780000-0x000001D751790000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5028-5-0x000001D76BDF0000-0x000001D76BDF8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/5028-6-0x000001D76BE70000-0x000001D76BEA8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/5028-7-0x000001D76BE40000-0x000001D76BE4E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/5028-20-0x00007FFAD40E0000-0x00007FFAD4BA1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/5028-21-0x000001D751780000-0x000001D751790000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5028-22-0x000001D751780000-0x000001D751790000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5028-23-0x000001D751780000-0x000001D751790000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5028-24-0x000001D751780000-0x000001D751790000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5028-25-0x000001D751780000-0x000001D751790000-memory.dmp

    Filesize

    64KB

    Download