Overview

overview

10

Static

static

10

dc59ef9cf7...1f.exe

windows7-x64

1

dc59ef9cf7...1f.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-11-2023 15:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dc59ef9cf7a664d9a95b41db44f37c75bb45805f178dcb0f7ca3af5279c3c81f.exe

  • Size

    5.0MB

  • MD5

    d8454412e045149dc80c212dcf797b99

  • SHA1

    d3ccdbe050ebc4f200109e5ec97e016b3ea5aedd

  • SHA256

    dc59ef9cf7a664d9a95b41db44f37c75bb45805f178dcb0f7ca3af5279c3c81f

  • SHA512

    271ef66af795f6ef57d147d6243d1dbbe7d3be237b869b39745217ae0d2ee2342550d27a0e592f3ba2fdefead168f966b9f2343d431a9501267060bc7be964a8

  • SSDEEP

    49152:r56uL3pgrCEdMKPFotsgEBr6GjvzW+UBA3Gd7po52xWKQY2v2V6liK1uOCeXvpn4:r56utgpPFotBER/mQ32lUW

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\dc59ef9cf7a664d9a95b41db44f37c75bb45805f178dcb0f7ca3af5279c3c81f.exe
    "C:\Users\Admin\AppData\Local\Temp\dc59ef9cf7a664d9a95b41db44f37c75bb45805f178dcb0f7ca3af5279c3c81f.exe"
    1⤵
      PID:3144
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4820
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3636

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3636-6-0x0000014093E40000-0x0000014093E50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3636-22-0x0000014093F40000-0x0000014093F50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3636-38-0x000001409C2A0000-0x000001409C2A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3636-40-0x000001409C2D0000-0x000001409C2D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3636-41-0x000001409C2D0000-0x000001409C2D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3636-42-0x000001409C3E0000-0x000001409C3E1000-memory.dmp

        Filesize

        4KB

        Download