Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    27-09-2023 06:31

General

  • Target

    7db7652a36e691842d67e53bc005bf8c802ea76a08ed05b3b2e31290ac56266e.exe

  • Size

    1.7MB

  • MD5

    e67a795bfe9f0e36f974ffd011ab6abc

  • SHA1

    33f1ad2d8457ab77adac7359ec0c19b118c2c7a3

  • SHA256

    7db7652a36e691842d67e53bc005bf8c802ea76a08ed05b3b2e31290ac56266e

  • SHA512

    9c9773c6201401b8faa7b4356e3eebae3f312ddb373257b029158648599cc867901db78c8a3065a33b4139506eea17dfb41c34b1c56f7ecd06c5227e76f18862

  • SSDEEP

    24576:u/aX48Dt0Z0HjNG1z2QgT++2aFRoIUuqaAweDSVXT5XkEu0pC2ya:u/C4S0Z0JG1qQg52aFBhqdwzXT5Xkw1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7db7652a36e691842d67e53bc005bf8c802ea76a08ed05b3b2e31290ac56266e.exe
    "C:\Users\Admin\AppData\Local\Temp\7db7652a36e691842d67e53bc005bf8c802ea76a08ed05b3b2e31290ac56266e.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4700

Network

MITRE ATT&CK Matrix

Downloads
