Overview

overview

10

Static

static

10

9e38dfd0d6...63.exe

windows7-x64

1

9e38dfd0d6...63.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    151s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-11-2023 03:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9e38dfd0d6c4bc218d867ec4464cc8cb4033ac9a830258097c8ff768df446a63.exe

  • Size

    1.3MB

  • MD5

    c9ed4921a375c54e3332b9da904ffe95

  • SHA1

    bf833c89f253940d113c3d170fa4e5f2d2bc3d05

  • SHA256

    9e38dfd0d6c4bc218d867ec4464cc8cb4033ac9a830258097c8ff768df446a63

  • SHA512

    e2149c45d4f308ebe81b0a28d9dce2e37fd3c1915f26c2efcdce378a4b821339163a0d0f8db3e19d548a4e6c419156df8afd8d852c71170c3c7ee3b46b0a83d2

  • SSDEEP

    24576:Ejz5UO/c/31ImZrt7xuCFKZGnS9U6Oya1DSVXT5Xb10:O5UO/c/FImZrtfAZG6O1KXT5Xb10

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9e38dfd0d6c4bc218d867ec4464cc8cb4033ac9a830258097c8ff768df446a63.exe
    "C:\Users\Admin\AppData\Local\Temp\9e38dfd0d6c4bc218d867ec4464cc8cb4033ac9a830258097c8ff768df446a63.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1800

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1800-0-0x0000026287C70000-0x0000026287CA4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1800-1-0x00007FFF34D70000-0x00007FFF35831000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1800-2-0x0000026287D10000-0x0000026287D20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1800-3-0x0000026287D10000-0x0000026287D20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1800-4-0x0000026287D10000-0x0000026287D20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1800-5-0x0000026287D10000-0x0000026287D20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1800-6-0x00000262A5FD0000-0x00000262A5FD8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1800-7-0x00000262A6050000-0x00000262A6088000-memory.dmp

    Filesize

    224KB

    Download

  • memory/1800-8-0x00000262A6020000-0x00000262A602E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/1800-21-0x00007FFF34D70000-0x00007FFF35831000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1800-22-0x0000026287D10000-0x0000026287D20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1800-23-0x0000026287D10000-0x0000026287D20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1800-24-0x0000026287D10000-0x0000026287D20000-memory.dmp

    Filesize

    64KB

    Download