Analysis

  • max time kernel
    145s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231023-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    14/11/2023, 12:45

General

  • Target

    8506a742ac3f246ad5f1d885596f9a7aa9a0cae08e4e8764ed80c49c92c2b148.exe

  • Size

    12.2MB

  • MD5

    f5930c30fcb9de6b688610357675355d

  • SHA1

    3edd544f443bc7a70892e43b593c1e25fccf24c4

  • SHA256

    8506a742ac3f246ad5f1d885596f9a7aa9a0cae08e4e8764ed80c49c92c2b148

  • SHA512

    d1e71fe1728e878bd1b1e16e066dcbb035baede46337e3201527250740cb6f3d3a944d560d2536c6a8b1785d6eead5daf448879003a8059984fd9a63447cc758

  • SSDEEP

    49152:EtVplF5UZz/h5kVXQ6iIBiRvYhPD6CS6uvTGUp:EtPb5qvkVX1iIwAhL6CSPaU

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8506a742ac3f246ad5f1d885596f9a7aa9a0cae08e4e8764ed80c49c92c2b148.exe
    "C:\Users\Admin\AppData\Local\Temp\8506a742ac3f246ad5f1d885596f9a7aa9a0cae08e4e8764ed80c49c92c2b148.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:3132

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3132-2-0x00000000035B0000-0x00000000036B0000-memory.dmp

    Filesize

    1024KB

  • memory/3132-3-0x00000000035B0000-0x00000000036B0000-memory.dmp

    Filesize

    1024KB