Overview

overview

7

Static

static

7

86e3e7dc9c...02.zip

windows10-2004-x64

1

vfuggEeZM.exe

windows10-2004-x64

7

out.exe

windows10-2004-x64

3

Resubmissions

11/09/2023, 04:20

230911-eyks5sde3y 7

10/07/2023, 15:49

230710-s9jl4sbg64 7

Analysis

  • max time kernel
    1368s
  • max time network
    1157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230831-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230831-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/09/2023, 04:20

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    86e3e7dc9cafd72776d32eb551e0c4ee69414037480024a2667843d621860502.zip

  • Size

    85KB

  • MD5

    1b868e3b87969d2847f206f66a6c8925

  • SHA1

    5010d0284477655c6028c3d42294b708c211f477

  • SHA256

    0b66acce9c7fd66d9d91027768ce42fd1aafc0cb90c2fbef54f0e6ae0825c9cc

  • SHA512

    15ab19cb54ee1a045e50de5847f7fd6f9b063c7cf97e8abc52d6a1aaa197362065ab88aad275e74109ac54a330fedfcfecfbd25700774f460a45ea14e6a7f327

  • SSDEEP

    1536:beS8UJlfwJGz6LhsiM8Cq6NZ05bYbjJE5TgwWPkn7PbaDzk7DTkQsDg:Z8mf369siM8CpaYbdESw1tb7sM

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\86e3e7dc9cafd72776d32eb551e0c4ee69414037480024a2667843d621860502.zip
    1⤵
      PID:888
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:2016
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:320

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
              Filesize

              16KB

              MD5

              6837db697bad93964333a2505aa42247

              SHA1

              13189a8e0bb6e68460bd7cbc9b833d00f26e0d18

              SHA256

              0347b50d323e0396ce99025d6881d5dad161949b90a81319731f3e60794f5745

              SHA512

              d26c132724a2564c9696cdaa2b8baf056d664f641ed5b2755864c307bbbd7fc8fbd64e66dd3c35154537f2265edc20d57491b1e7722281f5943e189fa24f258e

              Download Submit

            • memory/320-40-0x00000299B18D0000-0x00000299B18D1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-42-0x00000299B18D0000-0x00000299B18D1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-33-0x00000299B18D0000-0x00000299B18D1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-34-0x00000299B18D0000-0x00000299B18D1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-35-0x00000299B18D0000-0x00000299B18D1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-36-0x00000299B18D0000-0x00000299B18D1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-37-0x00000299B18D0000-0x00000299B18D1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-38-0x00000299B18D0000-0x00000299B18D1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-39-0x00000299B18D0000-0x00000299B18D1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-43-0x00000299B1500000-0x00000299B1501000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-32-0x00000299B18B0000-0x00000299B18B1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-41-0x00000299B18D0000-0x00000299B18D1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-0-0x00000299A9240000-0x00000299A9250000-memory.dmp

              Filesize

              64KB

              Download

            • memory/320-44-0x00000299B14F0000-0x00000299B14F1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-46-0x00000299B1500000-0x00000299B1501000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-49-0x00000299B14F0000-0x00000299B14F1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-52-0x00000299A8BF0000-0x00000299A8BF1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-16-0x00000299A9340000-0x00000299A9350000-memory.dmp

              Filesize

              64KB

              Download

            • memory/320-64-0x00000299B1630000-0x00000299B1631000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-66-0x00000299B1640000-0x00000299B1641000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-67-0x00000299B1640000-0x00000299B1641000-memory.dmp

              Filesize

              4KB

              Download

            • memory/320-68-0x00000299B1750000-0x00000299B1751000-memory.dmp

              Filesize

              4KB

              Download