Overview

overview

10

Static

static

10

35a0998a81...89.exe

windows7-x64

1

35a0998a81...89.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    151s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-10-2023 17:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    35a0998a81502a37c59997135862ef06e6b83ee41dfa7202908d436051a96189.exe

  • Size

    1.6MB

  • MD5

    9f99b359668729bc548f34eb41ff405d

  • SHA1

    4971b062b8e52f3f8e30620b5b40a8ed7a0fbe5b

  • SHA256

    35a0998a81502a37c59997135862ef06e6b83ee41dfa7202908d436051a96189

  • SHA512

    29cdac7793747c8a778df7f55435ff50c15086d63fc32b9cf5d737fbd50d354fb0ba2f962f93faae82b59e0780e231fc91f6eca5101539b2a97dad9179c5cb9f

  • SSDEEP

    24576:pJJoeWEH+H0Tr2F6NzubQeSjMd8y7PSMyDSVXT5XYeu2ya:pJJJWEC0Tr2ANzubQeLTPSMXT5XY+1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\35a0998a81502a37c59997135862ef06e6b83ee41dfa7202908d436051a96189.exe
    "C:\Users\Admin\AppData\Local\Temp\35a0998a81502a37c59997135862ef06e6b83ee41dfa7202908d436051a96189.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4728-0-0x0000017D703C0000-0x0000017D703F4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4728-1-0x00007FFE3B400000-0x00007FFE3BEC1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4728-2-0x0000017D703B0000-0x0000017D703C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4728-3-0x0000017D703B0000-0x0000017D703C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4728-4-0x0000017D703B0000-0x0000017D703C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4728-5-0x0000017D703B0000-0x0000017D703C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4728-6-0x0000017D70640000-0x0000017D70648000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4728-7-0x0000017D76430000-0x0000017D76468000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4728-8-0x0000017D72B60000-0x0000017D72B6E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4728-21-0x00007FFE3B400000-0x00007FFE3BEC1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4728-22-0x0000017D703B0000-0x0000017D703C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4728-23-0x0000017D703B0000-0x0000017D703C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4728-24-0x0000017D703B0000-0x0000017D703C0000-memory.dmp

    Filesize

    64KB

    Download