Overview

overview

10

Static

static

10

b637f693b5...fd.exe

windows7-x64

1

b637f693b5...fd.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    3s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231127-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-12-2023 11:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b637f693b58e167ddfbacddbf1e4cd4bb0a06ed97466d587243dc79ccce546fd.exe

  • Size

    1.7MB

  • MD5

    b12fffc4854d787041748ce32e16b16a

  • SHA1

    d38f925f90e8123312fa318ee0f017a438cd5531

  • SHA256

    b637f693b58e167ddfbacddbf1e4cd4bb0a06ed97466d587243dc79ccce546fd

  • SHA512

    50be724a46c7c317a60126fc6cc1f1a8fb0225a0ba3635f60a4addb25f0175330c6fd142132bdbade77f02605fc1b10d9b81f095249d7a83576c0243ead35704

  • SSDEEP

    24576:PgCVxQ88/aBzMSVYj2Ksh7K99vu1w34RiYBd2DSVXT5XIb3nya:PgcQABz/VYj6+fvu1m8XT5XQn1

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b637f693b58e167ddfbacddbf1e4cd4bb0a06ed97466d587243dc79ccce546fd.exe
    "C:\Users\Admin\AppData\Local\Temp\b637f693b58e167ddfbacddbf1e4cd4bb0a06ed97466d587243dc79ccce546fd.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2200-0-0x00000179CD880000-0x00000179CD8B4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2200-4-0x00000179E62F0000-0x00000179E6300000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2200-3-0x00000179E62F0000-0x00000179E6300000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2200-2-0x00000179E62F0000-0x00000179E6300000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2200-1-0x00007FFC85CD0000-0x00007FFC86791000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2200-5-0x00000179E62F0000-0x00000179E6300000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2200-6-0x00000179E62F0000-0x00000179E6300000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2200-7-0x00000179E6750000-0x00000179E6758000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2200-9-0x00000179E67A0000-0x00000179E67AE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2200-8-0x00000179E69E0000-0x00000179E6A18000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2200-22-0x00000179E6530000-0x00000179E66FE000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/2200-23-0x00007FFC85CD0000-0x00007FFC86791000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2200-25-0x00000179E62F0000-0x00000179E6300000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2200-24-0x00000179E62F0000-0x00000179E6300000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2200-27-0x00000179E62F0000-0x00000179E6300000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2200-28-0x00000179E62F0000-0x00000179E6300000-memory.dmp

    Filesize

    64KB

    Download