Overview

overview

10

Static

static

10

efa6b6fc32...bd.exe

windows7-x64

1

efa6b6fc32...bd.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    172s
  • max time network
    161s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-10-2023 12:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    efa6b6fc32c6727867a6ea4d8339b7bebf2185e5d8df8000031433156b59f1bd.exe

  • Size

    1.7MB

  • MD5

    b8c323e036e199312402158eb3aee8e8

  • SHA1

    37e4d07af31a7d6d074e67531c6c1ed1ae392116

  • SHA256

    efa6b6fc32c6727867a6ea4d8339b7bebf2185e5d8df8000031433156b59f1bd

  • SHA512

    866ed57a5163121b7f5e386fca885c255a0f0d720402c3f44a15c0bf0447085c5368f8d1737e78ef557cb221974de32c32eb68207a94379ff0cd9f847c8bdf27

  • SSDEEP

    24576:u/aX4CDt0ZNHjNG1z2QgT++2aNRoIUuqacvanGBDSVXT5X6ya:u/C4w0ZNJG1qQg52aNxhqbvFmXT5X61

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\efa6b6fc32c6727867a6ea4d8339b7bebf2185e5d8df8000031433156b59f1bd.exe
    "C:\Users\Admin\AppData\Local\Temp\efa6b6fc32c6727867a6ea4d8339b7bebf2185e5d8df8000031433156b59f1bd.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4068-0-0x00000168DC0D0000-0x00000168DC104000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4068-1-0x00007FF9134C0000-0x00007FF913F81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4068-3-0x00000168DC090000-0x00000168DC0A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4068-2-0x00000168DC090000-0x00000168DC0A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4068-4-0x00000168DC090000-0x00000168DC0A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4068-5-0x00007FF9134C0000-0x00007FF913F81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4068-6-0x00000168DC090000-0x00000168DC0A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4068-7-0x00000168DC090000-0x00000168DC0A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4068-8-0x00000168F5670000-0x00000168F5678000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4068-9-0x00000168F58F0000-0x00000168F5928000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4068-10-0x00000168F58B0000-0x00000168F58BE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4068-23-0x00000168DC090000-0x00000168DC0A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4068-24-0x00000168DC090000-0x00000168DC0A0000-memory.dmp

    Filesize

    64KB

    Download