Overview

overview

10

Static

static

10

ffe9c7c2a1...25.exe

windows7-x64

1

ffe9c7c2a1...25.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231025-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-10-2023 18:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ffe9c7c2a17973d52cfec78677cb7fe6b0a58f7f8a1494c2c3b703cecc2b9525.exe

  • Size

    1.9MB

  • MD5

    1bbdbe703efee8be584995e2e3251b1c

  • SHA1

    46b1db4c7b3ffb03e2cd7111fd29cabc239649d9

  • SHA256

    ffe9c7c2a17973d52cfec78677cb7fe6b0a58f7f8a1494c2c3b703cecc2b9525

  • SHA512

    9d516ef36898c7246b35be15ac03160ee8b7eb06794d45ca3212c3260a77348751b8179d11ce4f5dfba09e79b98504287386bf4f2cdee031acdb536fd2c5d457

  • SSDEEP

    49152:VsupYWppKBYXwbC24I1ZIEMziqp4SwWXT5XHL1:TlXZ2FDkiqCSDD571

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ffe9c7c2a17973d52cfec78677cb7fe6b0a58f7f8a1494c2c3b703cecc2b9525.exe
    "C:\Users\Admin\AppData\Local\Temp\ffe9c7c2a17973d52cfec78677cb7fe6b0a58f7f8a1494c2c3b703cecc2b9525.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1776

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1776-0-0x000002050BED0000-0x000002050BF04000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1776-1-0x00007FFE3D320000-0x00007FFE3DDE1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1776-2-0x000002050BF30000-0x000002050BF40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1776-3-0x000002050BF30000-0x000002050BF40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1776-4-0x000002050BF30000-0x000002050BF40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1776-5-0x000002050BF30000-0x000002050BF40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1776-6-0x00000205295E0000-0x00000205295E8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1776-7-0x0000020529660000-0x0000020529698000-memory.dmp

    Filesize

    224KB

    Download

  • memory/1776-8-0x0000020529630000-0x000002052963E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/1776-21-0x00007FFE3D320000-0x00007FFE3DDE1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1776-22-0x000002050BF30000-0x000002050BF40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1776-23-0x000002050BF30000-0x000002050BF40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1776-24-0x000002050BF30000-0x000002050BF40000-memory.dmp

    Filesize

    64KB

    Download