Overview

overview

10

Static

static

10

581bfc3f0f...94.exe

windows7-x64

1

581bfc3f0f...94.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231127-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-12-2023 18:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    581bfc3f0f2274d314eda0c878e0c69f1afa6d3c3a2483cd09b0602c82205394.exe

  • Size

    1.9MB

  • MD5

    ee22341242572923fc557fc31601ae98

  • SHA1

    5b08a6b2a449f469acd7a6364d1b8b6f9e6f7884

  • SHA256

    581bfc3f0f2274d314eda0c878e0c69f1afa6d3c3a2483cd09b0602c82205394

  • SHA512

    c44647bc864a299b71f803fe99af3900092e5aef609a1910c5383c331ebda73fc47c465d41ffa1f4b2f9042f2f0adf91648efdc5f232c1a3ba7827cc199da348

  • SSDEEP

    49152:yeeKdmm4AFDw2Y9K9W9Mb6W/XT5X1gF44I1:OwDpY9+1D5lg5I1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\581bfc3f0f2274d314eda0c878e0c69f1afa6d3c3a2483cd09b0602c82205394.exe
    "C:\Users\Admin\AppData\Local\Temp\581bfc3f0f2274d314eda0c878e0c69f1afa6d3c3a2483cd09b0602c82205394.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2920-0-0x000002C5FB4C0000-0x000002C5FB4F4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2920-1-0x00007FFCCA4E0000-0x00007FFCCAFA1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2920-3-0x000002C5FC030000-0x000002C5FC040000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2920-2-0x000002C5FC030000-0x000002C5FC040000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2920-4-0x000002C5FC030000-0x000002C5FC040000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2920-5-0x000002C5FC030000-0x000002C5FC040000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2920-6-0x000002C5FF410000-0x000002C5FF418000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2920-7-0x000002C5FF460000-0x000002C5FF498000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2920-8-0x000002C5FF420000-0x000002C5FF42E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2920-21-0x00007FFCCA4E0000-0x00007FFCCAFA1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2920-22-0x000002C5FC030000-0x000002C5FC040000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2920-23-0x000002C5FC030000-0x000002C5FC040000-memory.dmp

    Filesize

    64KB

    Download