Analysis

  • max time kernel
    156s
  • max time network
    173s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230915-en locale:en-us os:windows10-2004-x64 system
  • submitted
    12-10-2023 02:02

General

  • Target

    c5f636cde3595b799b852ce27a9f939df75a9637907c0859120cfcc9250db0a9.exe

  • Size

    3.5MB

  • MD5

    320ef70127560637edb65f5ca1aa46c9

  • SHA1

    c27c272e9385e675659600c2abdf2377b1144a39

  • SHA256

    c5f636cde3595b799b852ce27a9f939df75a9637907c0859120cfcc9250db0a9

  • SHA512

    3d728e6c556aa95a16e6bff4acf658ffd3a9ae267d1486908fb22491abaca65cfe723054a5b1b93d1762217e030523c2d97dec3b0b2e64a2285c3c5cf035ee39

  • SSDEEP

    24576:QyGbP5poyteopecGJQUuTvzjPJjTPs64/Ac1cTniRkZqESyPlhKJKToRW+jJzn3c:Qvp465Tc3Rk1QRuLn0Znvyf0hIbobxo3

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c5f636cde3595b799b852ce27a9f939df75a9637907c0859120cfcc9250db0a9.exe
    "C:\Users\Admin\AppData\Local\Temp\c5f636cde3595b799b852ce27a9f939df75a9637907c0859120cfcc9250db0a9.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:1124

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1124-0-0x0000000000400000-0x00000000007B3000-memory.dmp

    Filesize

    3.7MB

  • memory/1124-1-0x0000000000400000-0x00000000007B3000-memory.dmp

    Filesize

    3.7MB

  • memory/1124-11-0x0000000000400000-0x00000000007B3000-memory.dmp

    Filesize

    3.7MB