Overview

overview

10

Static

static

10

94b1cd0a3b...2b.exe

windows7-x64

1

94b1cd0a3b...2b.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    156s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-11-2023 02:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    94b1cd0a3b3dc2897c10cbc2836accfb3c62bc07755f7cff159ab820cff81f2b.exe

  • Size

    1.3MB

  • MD5

    bc28c38f1327fc837244d5dd3e14b851

  • SHA1

    7b8068e4ed077b057fb2ceec2354ec9e99f9215c

  • SHA256

    94b1cd0a3b3dc2897c10cbc2836accfb3c62bc07755f7cff159ab820cff81f2b

  • SHA512

    974af16ee5d7799e2309aca5e6386a0107263fe15d10fac75eed9ec8fb76fbe3e08672e7dbebc5850c3399c98746afe868a63797fb30e71a3048fc1faed61962

  • SSDEEP

    24576:2q02HVhoP2tRxIANrvqROnU7d/JDSVXT5X3KUE/ya:zVhoP2tRKAG7d/eXT5X361

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\94b1cd0a3b3dc2897c10cbc2836accfb3c62bc07755f7cff159ab820cff81f2b.exe
    "C:\Users\Admin\AppData\Local\Temp\94b1cd0a3b3dc2897c10cbc2836accfb3c62bc07755f7cff159ab820cff81f2b.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:5088

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5088-0-0x000001B0CF2E0000-0x000001B0CF314000-memory.dmp

    Filesize

    208KB

    Download

  • memory/5088-1-0x00007FFC9D580000-0x00007FFC9E041000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/5088-2-0x000001B0CEF50000-0x000001B0CEF60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-3-0x000001B0CEF50000-0x000001B0CEF60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-4-0x000001B0CEF50000-0x000001B0CEF60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-5-0x000001B0CEF50000-0x000001B0CEF60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-6-0x000001B0ECCC0000-0x000001B0ECCC8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/5088-7-0x000001B0ED350000-0x000001B0ED388000-memory.dmp

    Filesize

    224KB

    Download

  • memory/5088-8-0x000001B0ECCE0000-0x000001B0ECCEE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/5088-21-0x00007FFC9D580000-0x00007FFC9E041000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/5088-22-0x000001B0CEF50000-0x000001B0CEF60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-23-0x000001B0CEF50000-0x000001B0CEF60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-24-0x000001B0CEF50000-0x000001B0CEF60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-25-0x000001B0CEF50000-0x000001B0CEF60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-26-0x000001B0CEF50000-0x000001B0CEF60000-memory.dmp

    Filesize

    64KB

    Download