Overview

overview

3

Static

static

3

30cdb2fdf7...aa.exe

windows7-x64

1

30cdb2fdf7...aa.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/10/2023, 11:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    30cdb2fdf78a92ab5a7f9ee957ff737810f4e989efeb8cf0a4fcf76b6d8ff5aa.exe

  • Size

    3.9MB

  • MD5

    d0304a05c037e7b2c00e16e31fde26b6

  • SHA1

    1c85064189eb559a17ea2dc24fbc17e927ce5989

  • SHA256

    30cdb2fdf78a92ab5a7f9ee957ff737810f4e989efeb8cf0a4fcf76b6d8ff5aa

  • SHA512

    cd6ae3f7d6a1578c59d49841b6f2db638113b6ad9df03150c76da71c7952bd5847dddbc3a6a0221355cfcd573e75751965c3ebd43d0f328e0ae517da534bc781

  • SSDEEP

    98304:IBzjYz067yqu/mnFQOi33nFbO4KSgPTPgS8NAvKBUuY8cvwu3707iQMMvozFVrwO:h2vhBwM2dK

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\30cdb2fdf78a92ab5a7f9ee957ff737810f4e989efeb8cf0a4fcf76b6d8ff5aa.exe
    "C:\Users\Admin\AppData\Local\Temp\30cdb2fdf78a92ab5a7f9ee957ff737810f4e989efeb8cf0a4fcf76b6d8ff5aa.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4388

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4388-0-0x000001DEF5FE0000-0x000001DEF63CC000-memory.dmp

    Filesize

    3.9MB

    Download

  • memory/4388-1-0x00007FFC58F60000-0x00007FFC59A21000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4388-3-0x000001DEF6770000-0x000001DEF6780000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4388-2-0x000001DEF89E0000-0x000001DEF89F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4388-5-0x000001DEF67B0000-0x000001DEF67BE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4388-6-0x000001DEF6840000-0x000001DEF6850000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4388-4-0x000001DEF6790000-0x000001DEF67B6000-memory.dmp

    Filesize

    152KB

    Download

  • memory/4388-7-0x000001DEF6850000-0x000001DEF685A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4388-9-0x000001DEF8830000-0x000001DEF88AC000-memory.dmp

    Filesize

    496KB

    Download

  • memory/4388-8-0x000001DEF6860000-0x000001DEF6872000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4388-10-0x000001DEF88F0000-0x000001DEF89A0000-memory.dmp

    Filesize

    704KB

    Download

  • memory/4388-11-0x000001DEFA200000-0x000001DEFA24A000-memory.dmp

    Filesize

    296KB

    Download

  • memory/4388-12-0x000001DEF89A0000-0x000001DEF89C2000-memory.dmp

    Filesize

    136KB

    Download

  • memory/4388-13-0x000001DEF88C0000-0x000001DEF88C8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4388-14-0x00007FFC58F60000-0x00007FFC59A21000-memory.dmp

    Filesize

    10.8MB

    Download