Overview

overview

10

Static

static

10

25176160e0...0d.exe

windows7-x64

1

25176160e0...0d.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    193s
  • max time network
    203s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-10-2023 13:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    25176160e07850ce4513e51c6563f14b1e7235d86db9cd8598c765ba4fca2f0d.exe

  • Size

    1.5MB

  • MD5

    1243ba4b04456e96306132d55f655c59

  • SHA1

    e67ed3518a6ec817e4b080a71cc53147fd11eb8e

  • SHA256

    25176160e07850ce4513e51c6563f14b1e7235d86db9cd8598c765ba4fca2f0d

  • SHA512

    ba3700f063f2440689ee5b9b2021bc99042d45b94fed8c0ee92d96f6b3f62242919dd6cee524c7335a74c3c58c51f2c3c81bab98d6282bcab7115cab201463ca

  • SSDEEP

    24576:baGvFcU9u12oW8PG9i4fTguK1lDSVXT5X8gkDadya3AWOE:ncU9u12olPR4f6aXT5XjkDad1w4

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\25176160e07850ce4513e51c6563f14b1e7235d86db9cd8598c765ba4fca2f0d.exe
    "C:\Users\Admin\AppData\Local\Temp\25176160e07850ce4513e51c6563f14b1e7235d86db9cd8598c765ba4fca2f0d.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2300

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2300-0-0x000001DB0BC50000-0x000001DB0BC84000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2300-1-0x00007FF93E8F0000-0x00007FF93F3B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2300-2-0x000001DB0BCB0000-0x000001DB0BCC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2300-3-0x000001DB0BCB0000-0x000001DB0BCC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2300-4-0x000001DB0BCB0000-0x000001DB0BCC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2300-5-0x000001DB0BCB0000-0x000001DB0BCC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2300-6-0x000001DB0BCB0000-0x000001DB0BCC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2300-7-0x000001DB29100000-0x000001DB29108000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2300-8-0x000001DB29790000-0x000001DB297C8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2300-9-0x000001DB29150000-0x000001DB2915E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2300-22-0x00007FF93E8F0000-0x00007FF93F3B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2300-23-0x000001DB0BCB0000-0x000001DB0BCC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2300-24-0x000001DB0BCB0000-0x000001DB0BCC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2300-25-0x000001DB0BCB0000-0x000001DB0BCC0000-memory.dmp

    Filesize

    64KB

    Download