Overview

overview

3

Static

static

3

a5a6ff4f54...be.exe

windows7-x64

1

a5a6ff4f54...be.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-12-2023 13:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a5a6ff4f54882a304a17a7857f50c8be.exe

  • Size

    1.6MB

  • MD5

    a5a6ff4f54882a304a17a7857f50c8be

  • SHA1

    3f54a65bf1b647decc1f09283111d9f9f739b5f7

  • SHA256

    88685fd541c4b6d5c18f9327d40bf7dda69476263e54cd27b884933eb9aa012f

  • SHA512

    19e46e35c76f0891eddfaa207c9bbfe7d291415dd73af6923ccd1a34a0f70dbca86ea8e6c832e5a71e7a40e312e187429c3df579f936447cb0c32215ac341884

  • SSDEEP

    24576:33yVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8g:o8NlaVeuHF

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a5a6ff4f54882a304a17a7857f50c8be.exe
    "C:\Users\Admin\AppData\Local\Temp\a5a6ff4f54882a304a17a7857f50c8be.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:5060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5060-1-0x0000000074780000-0x0000000074F30000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/5060-0-0x0000000000580000-0x0000000000720000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/5060-2-0x0000000005810000-0x0000000005DB4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/5060-3-0x0000000005300000-0x0000000005392000-memory.dmp

    Filesize

    584KB

    Download

  • memory/5060-5-0x00000000052E0000-0x00000000052E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5060-4-0x0000000005100000-0x0000000005110000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5060-6-0x0000000005630000-0x000000000577E000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/5060-7-0x00000000057F0000-0x00000000057FA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/5060-8-0x0000000005800000-0x0000000005814000-memory.dmp

    Filesize

    80KB

    Download

  • memory/5060-9-0x0000000005100000-0x0000000005110000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5060-10-0x0000000005100000-0x0000000005110000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5060-31-0x0000000074780000-0x0000000074F30000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/5060-32-0x0000000005100000-0x0000000005110000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5060-33-0x0000000005100000-0x0000000005110000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5060-34-0x0000000005100000-0x0000000005110000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5060-35-0x0000000005100000-0x0000000005110000-memory.dmp

    Filesize

    64KB

    Download