Overview

overview

3

Static

static

3

16e3a94e43...8b.exe

windows7-x64

1

16e3a94e43...8b.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    172s
  • max time network
    116s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    24-12-2023 22:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    16e3a94e439883431d773523b311338b.exe

  • Size

    4.6MB

  • MD5

    16e3a94e439883431d773523b311338b

  • SHA1

    7c44bc5cb9b1592258b0d36c610f8aa29cb320d6

  • SHA256

    3f266d4d8d3fc053a7f18639b2258bf65bbb7f39d834589924b6d70e59d297b5

  • SHA512

    874df7e0c913b9ab1b93af87c5a6ff8dfc60674569cbb341526cb0caf2fe4f3ed8998daccbdddf57ab58e04a4180cc1eabb258c1fda906831dba8cabd3212504

  • SSDEEP

    49152:wd8dlL9jbCLC+1pwh1et5x7B3NXpnUeBnoPX+kp9jCWUGHT46KvU6AHETSsAvr:wq9jCCE87enknHT46BsAvr

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\16e3a94e439883431d773523b311338b.exe
    "C:\Users\Admin\AppData\Local\Temp\16e3a94e439883431d773523b311338b.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2876

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2876-0-0x0000000000400000-0x00000000007EC000-memory.dmp

    Filesize

    3.9MB

    Download

  • memory/2876-2-0x0000000000400000-0x00000000007EC000-memory.dmp

    Filesize

    3.9MB

    Download

  • memory/2876-4-0x0000000000400000-0x00000000007EC000-memory.dmp

    Filesize

    3.9MB

    Download

  • memory/2876-12-0x0000000000400000-0x00000000007EC000-memory.dmp

    Filesize

    3.9MB

    Download