Analysis

  • max time kernel
    86s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231020-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    14/11/2023, 06:09

General

  • Target

    afe446464e98e3b006376e18ff884c1384dc4690157f694c172550cfed0d69de.exe

  • Size

    1.3MB

  • MD5

    3b914db8706406f63b0a87e36e5fd201

  • SHA1

    76a93b129e39a8c00fadf1f811b358135d770dfc

  • SHA256

    afe446464e98e3b006376e18ff884c1384dc4690157f694c172550cfed0d69de

  • SHA512

    12135fbc4e89c11497b87169dc593e4f896ae9c38f28e889f1246ed433697ebb02723a28e0c1893c323f91ac469a5502d7c8f74e51462444b6cfeec934762f70

  • SSDEEP

    12288:NF9B+V6aCt5Wgd+gkvMQDabQ82kbj3BmfWBEHN36h/98QPK0t:NF9BnaCt5Wgd+Z0y6n2kPUfWl/9u

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\afe446464e98e3b006376e18ff884c1384dc4690157f694c172550cfed0d69de.exe
    "C:\Users\Admin\AppData\Local\Temp\afe446464e98e3b006376e18ff884c1384dc4690157f694c172550cfed0d69de.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:2072

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2072-0-0x0000000000400000-0x00000000005F4000-memory.dmp
    Filesize
    2.0MB
  • memory/2072-1-0x00000000007B0000-0x0000000000817000-memory.dmp
    Filesize
    412KB
  • memory/2072-6-0x00000000007B0000-0x0000000000817000-memory.dmp
    Filesize
    412KB
  • memory/2072-7-0x00000000007B0000-0x0000000000817000-memory.dmp
    Filesize
    412KB
  • memory/2072-12-0x0000000000400000-0x00000000005F4000-memory.dmp
    Filesize
    2.0MB