Overview

overview

10

Static

static

10

1864831e99...ea.exe

windows7-x64

1

1864831e99...ea.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    152s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-11-2023 23:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1864831e99c8fd62b5f7d385dbab74d0b04468c5c2f6b5e84c8f787d7ff50dea.exe

  • Size

    1.5MB

  • MD5

    77f10cc16d144e03ead284612e89c58e

  • SHA1

    d0cf834af15713f9312d0897e29e4b2576e12d88

  • SHA256

    1864831e99c8fd62b5f7d385dbab74d0b04468c5c2f6b5e84c8f787d7ff50dea

  • SHA512

    d35fd56a59725244f917bbc9822bae29e77f13ae81f7ff397bb5ecd2bd7aaf06a137646164f435a7f32a0bb268bbdaff74963424f2c77b643492a9b078e61ddb

  • SSDEEP

    24576:7Po3/UWamrEtOgOCF7kSY34/9RF+hh+4DSVXT5X78aQya3AWOE:7o3UmrEtOgO87TjF+hh0XT5X78Z1w4

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1864831e99c8fd62b5f7d385dbab74d0b04468c5c2f6b5e84c8f787d7ff50dea.exe
    "C:\Users\Admin\AppData\Local\Temp\1864831e99c8fd62b5f7d385dbab74d0b04468c5c2f6b5e84c8f787d7ff50dea.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1292

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1292-0-0x000001C3D80C0000-0x000001C3D80F4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1292-1-0x00007FF86AE50000-0x00007FF86B911000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1292-2-0x000001C3D8120000-0x000001C3D8130000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1292-3-0x000001C3D8120000-0x000001C3D8130000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1292-4-0x000001C3D8120000-0x000001C3D8130000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1292-5-0x000001C3D8120000-0x000001C3D8130000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1292-6-0x000001C3F23D0000-0x000001C3F23D8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1292-7-0x000001C3F2450000-0x000001C3F2488000-memory.dmp

    Filesize

    224KB

    Download

  • memory/1292-8-0x000001C3F2420000-0x000001C3F242E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/1292-21-0x00007FF86AE50000-0x00007FF86B911000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1292-22-0x000001C3D8120000-0x000001C3D8130000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1292-23-0x000001C3D8120000-0x000001C3D8130000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1292-24-0x000001C3D8120000-0x000001C3D8130000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1292-25-0x000001C3D8120000-0x000001C3D8130000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1292-26-0x000001C3D8120000-0x000001C3D8130000-memory.dmp

    Filesize

    64KB

    Download