Overview

overview

10

Static

static

10

2d520801f3...48.exe

windows7-x64

1

2d520801f3...48.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    164s
  • max time network
    170s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-09-2023 16:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2d520801f3db4b2010c714168e894b104b3129fafd6fc25eea817692ccee1848.exe

  • Size

    1.9MB

  • MD5

    acfdec4c2f46243919e0dcaeb226f10b

  • SHA1

    ad3cd9c3bd0dea2903ab01afa9c8f3b513a73175

  • SHA256

    2d520801f3db4b2010c714168e894b104b3129fafd6fc25eea817692ccee1848

  • SHA512

    447367c9346898c62aeb246383febcd45f3d22c6001f81a4460ece82d72b7515f6bdbeb5510308cc4744ced8e9573bfe195e4bed756781a64945f92572c1771f

  • SSDEEP

    49152:2DycVRqImDU84THsbHWvTcs+EfoR9ztZe+E7uAUXT5X81:O78ptZNTD5s1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2d520801f3db4b2010c714168e894b104b3129fafd6fc25eea817692ccee1848.exe
    "C:\Users\Admin\AppData\Local\Temp\2d520801f3db4b2010c714168e894b104b3129fafd6fc25eea817692ccee1848.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:644

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/644-0-0x00000263B4F20000-0x00000263B4F54000-memory.dmp

    Filesize

    208KB

    Download

  • memory/644-1-0x00007FFBCD880000-0x00007FFBCE341000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/644-2-0x00000263CD700000-0x00000263CD710000-memory.dmp

    Filesize

    64KB

    Download

  • memory/644-3-0x00000263CD700000-0x00000263CD710000-memory.dmp

    Filesize

    64KB

    Download

  • memory/644-4-0x00000263CD700000-0x00000263CD710000-memory.dmp

    Filesize

    64KB

    Download

  • memory/644-5-0x00000263D2910000-0x00000263D2918000-memory.dmp

    Filesize

    32KB

    Download

  • memory/644-6-0x00000263D2F80000-0x00000263D2FB8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/644-7-0x00000263D2F50000-0x00000263D2F5E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/644-20-0x00007FFBCD880000-0x00007FFBCE341000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/644-21-0x00000263CD700000-0x00000263CD710000-memory.dmp

    Filesize

    64KB

    Download

  • memory/644-22-0x00000263CD700000-0x00000263CD710000-memory.dmp

    Filesize

    64KB

    Download

  • memory/644-23-0x00000263CD700000-0x00000263CD710000-memory.dmp

    Filesize

    64KB

    Download