Resubmissions

15-01-2024 21:02

240115-zvt8magaf4 10

13-01-2024 00:34

240113-aw6klshdf8 10

31-12-2023 01:14

231231-bl2z4scebl 10

21-12-2023 21:01

231221-zvczcaeffj 8

13-12-2023 01:28

231213-bvpfdaffa4 3

Analysis

  • max time kernel
    1s
  • max time network
    9s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win11-20231129-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    13-12-2023 01:28

General

  • Target

    New Text Document.exe

  • Size

    4KB

  • MD5

    9ce4aaffc0cddb25b759e1ec9ab7102a

  • SHA1

    72e78508b65d61d4ae9620d180f4aa8dddb85399

  • SHA256

    8cc12ee9b2f09003ded9ca3e1846ed23b63325fe8d867e735a3388a9087bd87c

  • SHA512

    8f966188af4cb25368a6636f9a973e5c0aaf583bc89009c6604ed9a5e67451d7e417e0067b5c8a517835ab977355dde37c2c5495d7616aa7f82750a65dcab55f

  • SSDEEP

    48:6fWIcJ9lFEyU+zYGJZZJO66OulbfSqXSfbNtm:eVq9jnnEpf6zNt

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\New Text Document.exe
    "C:\Users\Admin\AppData\Local\Temp\New Text Document.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:2512

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2512-0-0x0000000000380000-0x0000000000388000-memory.dmp

    Filesize

    32KB

  • memory/2512-1-0x00007FFD8CBD0000-0x00007FFD8D692000-memory.dmp

    Filesize

    10.8MB

  • memory/2512-2-0x0000000002510000-0x0000000002520000-memory.dmp

    Filesize

    64KB

  • memory/2512-3-0x00007FFD8CBD0000-0x00007FFD8D692000-memory.dmp

    Filesize

    10.8MB