Overview

overview

10

Static

static

10

0666665433...cb.exe

windows7-x64

1

0666665433...cb.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    151s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-10-2023 01:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0666665433fa1ee86a00c6f0ac32aca55b67f5408d1712825d7d15bbc8ef0ecb.exe

  • Size

    1.7MB

  • MD5

    ed156fbc3f4d4248bb680cb6711a78a4

  • SHA1

    19463b20ffb99df13d8e02d24bdbdb2e3980b097

  • SHA256

    0666665433fa1ee86a00c6f0ac32aca55b67f5408d1712825d7d15bbc8ef0ecb

  • SHA512

    415d68ecd1e2a3dd17e92a733c916fef6c1dccf23b1e345cdb2f5afc3972420368b4777819f489e54736d13efc5c179196aae7b76f5d596d5903f6cb0baf8867

  • SSDEEP

    24576:fNTk0CqZeG/08PmUaOX/1jcyFIBHiLfadsUILqsYDSVXT5XCCCya:fNTkEZ4uTaOX1cIIB1sMsdXT5XDC1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0666665433fa1ee86a00c6f0ac32aca55b67f5408d1712825d7d15bbc8ef0ecb.exe
    "C:\Users\Admin\AppData\Local\Temp\0666665433fa1ee86a00c6f0ac32aca55b67f5408d1712825d7d15bbc8ef0ecb.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1180-0-0x0000017529A80000-0x0000017529AB4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1180-2-0x0000017542470000-0x0000017542480000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1180-3-0x0000017542470000-0x0000017542480000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1180-1-0x00007FFC3A970000-0x00007FFC3B431000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1180-4-0x0000017542470000-0x0000017542480000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1180-5-0x0000017542470000-0x0000017542480000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1180-6-0x00000175441F0000-0x00000175441F8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1180-7-0x0000017547AD0000-0x0000017547B08000-memory.dmp

    Filesize

    224KB

    Download

  • memory/1180-8-0x0000017547A90000-0x0000017547A9E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/1180-21-0x00007FFC3A970000-0x00007FFC3B431000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1180-22-0x0000017542470000-0x0000017542480000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1180-23-0x0000017542470000-0x0000017542480000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1180-24-0x0000017542470000-0x0000017542480000-memory.dmp

    Filesize

    64KB

    Download