a6f785645d68c7914bce7fefe7ec8afb279c4aab1e44244040efefb11e41f93a

Analysis

max time kernel
122s
max time network
146s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
31-10-2023 13:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5a896b4dd805bd44919151f4f5067d4d37a9840eb42396ad8b74a739bb53c511.exe
Size

3.9MB
MD5

3465351d6fddfea2afe2f974c362d513
SHA1

8b4607df1ced245c58b01af0e736dbc66668b2a5
SHA256

5a896b4dd805bd44919151f4f5067d4d37a9840eb42396ad8b74a739bb53c511
SHA512

1f01e5bf1fe8e2d65200e56d1caa481ddf24f6e3571ee7769342053403b79fff21513a63407e0721ec5dbe5e80560aa27887e1ffdd0d5584d7b2c0df666d6907
SSDEEP

98304:aBzjYz067yqu/mnFQOi33nFbO4KSgPTPgS8NAvKBUuY8cvwu3707iQMMvozFVrw2:f2vhBwM2dK

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1984	5a896b4dd805bd44919151f4f5067d4d37a9840eb42396ad8b74a739bb53c511.exe
1984	5a896b4dd805bd44919151f4f5067d4d37a9840eb42396ad8b74a739bb53c511.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1984	5a896b4dd805bd44919151f4f5067d4d37a9840eb42396ad8b74a739bb53c511.exe

C:\Users\Admin\AppData\Local\Temp\5a896b4dd805bd44919151f4f5067d4d37a9840eb42396ad8b74a739bb53c511.exe
"C:\Users\Admin\AppData\Local\Temp\5a896b4dd805bd44919151f4f5067d4d37a9840eb42396ad8b74a739bb53c511.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1984-0-0x0000000000390000-0x000000000077C000-memory.dmp

Filesize
3.9MB

Download
memory/1984-1-0x000007FEF5B00000-0x000007FEF64EC000-memory.dmp

Filesize
9.9MB

Download
memory/1984-2-0x000000001B3C0000-0x000000001B440000-memory.dmp

Filesize
512KB

Download
memory/1984-3-0x00000000001C0000-0x00000000001D0000-memory.dmp

Filesize
64KB

Download
memory/1984-4-0x00000000001E0000-0x0000000000206000-memory.dmp

Filesize
152KB

Download
memory/1984-5-0x0000000000370000-0x000000000037E000-memory.dmp

Filesize
56KB

Download
memory/1984-6-0x0000000000380000-0x0000000000390000-memory.dmp

Filesize
64KB

Download
memory/1984-7-0x0000000000880000-0x000000000088A000-memory.dmp

Filesize
40KB

Download
memory/1984-8-0x0000000000890000-0x00000000008A2000-memory.dmp

Filesize
72KB

Download
memory/1984-9-0x0000000000A20000-0x0000000000A9C000-memory.dmp

Filesize
496KB

Download
memory/1984-10-0x000000001ABE0000-0x000000001AC90000-memory.dmp

Filesize
704KB

Download
memory/1984-11-0x0000000002370000-0x00000000023BA000-memory.dmp

Filesize
296KB

Download
memory/1984-12-0x00000000009E0000-0x00000000009E8000-memory.dmp

Filesize
32KB

Download
memory/1984-14-0x00000000008A0000-0x00000000008AA000-memory.dmp

Filesize
40KB

Download
memory/1984-15-0x00000000008B0000-0x00000000008BA000-memory.dmp

Filesize
40KB

Download
memory/1984-16-0x00000000008C0000-0x00000000008CC000-memory.dmp

Filesize
48KB

Download
memory/1984-17-0x0000000000AA0000-0x0000000000AC8000-memory.dmp

Filesize
160KB

Download
memory/1984-18-0x00000000023C0000-0x00000000023CC000-memory.dmp

Filesize
48KB

Download
memory/1984-19-0x00000000023D0000-0x00000000023EA000-memory.dmp

Filesize
104KB

Download
memory/1984-20-0x00000000025E0000-0x000000000260C000-memory.dmp

Filesize
176KB

Download
memory/1984-21-0x000000001BAE0000-0x000000001BB62000-memory.dmp

Filesize
520KB

Download
memory/1984-23-0x0000000002610000-0x000000000261A000-memory.dmp

Filesize
40KB

Download
memory/1984-22-0x0000000000A00000-0x0000000000A0A000-memory.dmp

Filesize
40KB

Download
memory/1984-24-0x0000000002610000-0x0000000002618000-memory.dmp

Filesize
32KB

Download
memory/1984-25-0x000000001AD40000-0x000000001AD7A000-memory.dmp

Filesize
232KB

Download
memory/1984-26-0x000000001B3C0000-0x000000001B440000-memory.dmp

Filesize
512KB

Download
memory/1984-27-0x000000001B3C0000-0x000000001B440000-memory.dmp

Filesize
512KB

Download
memory/1984-28-0x0000000000A00000-0x0000000000A0A000-memory.dmp

Filesize
40KB

Download
memory/1984-29-0x0000000002550000-0x000000000255E000-memory.dmp

Filesize
56KB

Download
memory/1984-30-0x000000001AC90000-0x000000001AC9C000-memory.dmp

Filesize
48KB

Download
memory/1984-31-0x000000001ACA0000-0x000000001ACAE000-memory.dmp

Filesize
56KB

Download
memory/1984-35-0x000007FEF5B00000-0x000007FEF64EC000-memory.dmp

Filesize
9.9MB

Download
memory/1984-34-0x000000001C110000-0x000000001C186000-memory.dmp

Filesize
472KB

Download
memory/1984-37-0x000000001B240000-0x000000001B241000-memory.dmp

Filesize
4KB

Download
memory/1984-36-0x000000001B360000-0x000000001B386000-memory.dmp

Filesize
152KB

Download
memory/1984-39-0x000000001B3C0000-0x000000001B440000-memory.dmp

Filesize
512KB

Download
memory/1984-40-0x000000001B3C0000-0x000000001B440000-memory.dmp

Filesize
512KB

Download
memory/1984-38-0x000000001B390000-0x000000001B3A6000-memory.dmp

Filesize
88KB

Download
memory/1984-41-0x000000001B3B0000-0x000000001B3BA000-memory.dmp

Filesize
40KB

Download
memory/1984-42-0x0000000000A00000-0x0000000000A0A000-memory.dmp

Filesize
40KB

Download
memory/1984-43-0x0000000002610000-0x000000000261A000-memory.dmp

Filesize
40KB

Download
memory/1984-44-0x000000001B3C0000-0x000000001B440000-memory.dmp

Filesize
512KB

Download
memory/1984-45-0x000000001B3C0000-0x000000001B440000-memory.dmp

Filesize
512KB

Download
memory/1984-46-0x000000001B3C0000-0x000000001B440000-memory.dmp

Filesize
512KB

Download