Overview

overview

3

Static

static

3

342d29d1a3...8b.exe

windows7-x64

3

342d29d1a3...8b.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-09-2023 11:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    342d29d1a3c61fd3028d7f1c968c62545e6f7e4eedde6ea37c5473eb9388e78b.exe

  • Size

    7.4MB

  • MD5

    46df76940e32acd7bd913e253df37d4c

  • SHA1

    9ab6c626efc0a461240a3bf245b34d7e148ebdcd

  • SHA256

    342d29d1a3c61fd3028d7f1c968c62545e6f7e4eedde6ea37c5473eb9388e78b

  • SHA512

    ca56c96d2ad591697b250682e8f7bf5c5e922e545f7157b3b37f31ad9a08439cf06294789c142a6f6b847c0b1ebfb5f6be03c42050b637db7ba8d415be432a81

  • SSDEEP

    98304:RJTjxdXwaxMWbYMLVaBV13rtWcxALv2zzpJBAUZLS:jxdXVJLVaBV13rtWlevpJV

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\342d29d1a3c61fd3028d7f1c968c62545e6f7e4eedde6ea37c5473eb9388e78b.exe
    "C:\Users\Admin\AppData\Local\Temp\342d29d1a3c61fd3028d7f1c968c62545e6f7e4eedde6ea37c5473eb9388e78b.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:3092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\ÅäÖÃ.ini
    Filesize

    3KB

    MD5

    c38adc43d1bf4bc9e9b14c158be2acad

    SHA1

    1291ee93ed4c95d09175989ee81e9f13f7d6ed32

    SHA256

    d8f687483220e120e9b9668b95c1fa6c4a155d3e2ca1a8ad6c6a1b3051a87fc4

    SHA512

    e138dbe9fba0e315dda22b28c8d1dcb558037a44deaba8fd2104c8995fa75d585f0b3c713bd84d40d58b9258f91b152c191b3c1716ee9567ec5f5cee48029c76

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\ÅäÖÃ.ini
    Filesize

    642B

    MD5

    c915dac53edba103b3e08246ee3ad790

    SHA1

    051ee29db79928a7aa2489e2b1c40770b74669e6

    SHA256

    87148147475d424c39665f2ed129dbc2eb8a95a910290788e1b1d3aa864215e8

    SHA512

    46573d62a877dd28cb4787d82c8c5ffe02010a6df8e4a18291f26057c22ae2923daf26094e08a864aeed4542cabfd6528d9b00b2987653a9078389fbea0e4e11

    Download Submit

  • memory/3092-5-0x0000000000400000-0x0000000000B9E000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/3092-381-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3092-4-0x0000000000400000-0x0000000000B9E000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/3092-0-0x0000000000400000-0x0000000000B9E000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/3092-9-0x0000000000400000-0x0000000000B9E000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/3092-10-0x0000000000400000-0x0000000000B9E000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/3092-11-0x0000000000400000-0x0000000000B9E000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/3092-2-0x0000000000400000-0x0000000000B9E000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/3092-1-0x0000000000400000-0x0000000000B9E000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/3092-372-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3092-375-0x00000000050D0000-0x00000000050D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3092-3-0x0000000000400000-0x0000000000B9E000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/3092-380-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3092-382-0x0000000000400000-0x0000000000B9E000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/3092-920-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3092-921-0x00000000050D0000-0x00000000050D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3092-922-0x00000000050D0000-0x00000000050D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3092-1031-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3092-1030-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3092-1032-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3092-5313-0x0000000000400000-0x0000000000B9E000-memory.dmp

    Filesize

    7.6MB

    Download