Analysis

  • max time kernel
    122s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231020-en locale:en-us os:windows7-x64 system
  • submitted
    24/11/2023, 04:24

General

  • Target

    add3f6204cfa9f5bd675c1492242acbfcf202d92203c8090f40984ca131278ba.exe

  • Size

    11.6MB

  • MD5

    e489f1a228cc8906d15680c36b03e2df

  • SHA1

    6a319d76aaa610f390616d73e874f27d912b1e79

  • SHA256

    add3f6204cfa9f5bd675c1492242acbfcf202d92203c8090f40984ca131278ba

  • SHA512

    b70250ef3b5447b7a34f851fcce7ec8b84c080bec66412d1a729d57441bb42697e967ee859f26a25ee7fefbb1d965f92015b5c5ce28ef4863391a8fb157d4a11

  • SSDEEP

    196608:jlYXawuqRTC7FvQZD0mZDm6/t7g1fJVR1bw:jlYXawuqRTC7FvQZD0mZly9g

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\add3f6204cfa9f5bd675c1492242acbfcf202d92203c8090f40984ca131278ba.exe
    "C:\Users\Admin\AppData\Local\Temp\add3f6204cfa9f5bd675c1492242acbfcf202d92203c8090f40984ca131278ba.exe"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:1640

Network
