244e27611e45d3fb829b8ddb85d3015b091fcfc50eb75aa09af960fb8dee7017

Analysis

max time kernel
140s
max time network
166s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
24/12/2023, 17:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

07f687cbfe9aca72b3c8ae96c8be0e94.exe
Size

382KB
MD5

07f687cbfe9aca72b3c8ae96c8be0e94
SHA1

1e0703c85594750f3b67a7e0788d150a05b13659
SHA256

244e27611e45d3fb829b8ddb85d3015b091fcfc50eb75aa09af960fb8dee7017
SHA512

d4c824e46d9006cb6f894f47b9de62a36567cc5360e499dbeec2da0028748f004a4319e0e8f7bfd81006561f1979bf08ac4c127123179bd0ff7b3490435d88e9
SSDEEP

6144:lSI5kqTzKQSzyQoR/M+634/ZaKszyR8Qbti28W/RYoP:hpTz9SWQoR/Mb4VszyRi29/PP

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 2 IoCs

pid	Process
1844	07f687cbfe9aca72b3c8ae96c8be0e94.exe
1844	07f687cbfe9aca72b3c8ae96c8be0e94.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1844	07f687cbfe9aca72b3c8ae96c8be0e94.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1844	07f687cbfe9aca72b3c8ae96c8be0e94.exe
1844	07f687cbfe9aca72b3c8ae96c8be0e94.exe

C:\Users\Admin\AppData\Local\Temp\07f687cbfe9aca72b3c8ae96c8be0e94.exe
"C:\Users\Admin\AppData\Local\Temp\07f687cbfe9aca72b3c8ae96c8be0e94.exe"
1⤵
- Loads dropped DLL
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:1844

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\gfdDCD3.tmp

Filesize
153KB

MD5
7f58671f6c21728902ae7a8d8f74e92f

SHA1
64a684d3d665d65069857cab7aa15ac00bac2e69

SHA256
adc1cf33a04c23e17497782af2275e2f904a18e6caf203693ae5b6b7c3e8fa0a

SHA512
0ae03e72e8bfdff53d107b393d652c2d63687cfa27721b2cccae7cdacccb96117d51ad766ecf7ae0f280ee96b628fc17bfe666761cd8fe174324904e80ff0860

Download Submit
C:\Users\Admin\AppData\Local\Temp\gfdDCD3.tmp

Filesize
81KB

MD5
6f4fb57d93d07eb5951b5c003ec8a661

SHA1
7e0b24be392491ccab779fb3e50595f594e32e03

SHA256
26d060d4a53d863255f0d437bd8b0f4bf2d70ba66d0521fa5c7f05ae3ac47748

SHA512
0c404e25e80c6a8373824e2bbbfea78e9dc08b1356008ac86e3bedc6051f10ac4b56d0ba5b255c897230619c8f562a640865a39ef358143905b1bdbdd4d915d1

Download Submit
memory/1844-6-0x0000000004EA0000-0x0000000004F32000-memory.dmp

Filesize
584KB

Download
memory/1844-3-0x0000000004BC0000-0x0000000004C04000-memory.dmp

Filesize
272KB

Download
memory/1844-4-0x0000000004C80000-0x0000000004C90000-memory.dmp

Filesize
64KB

Download
memory/1844-5-0x00000000053B0000-0x0000000005954000-memory.dmp

Filesize
5.6MB

Download
memory/1844-0-0x0000000074FA0000-0x0000000075750000-memory.dmp

Filesize
7.7MB

Download
memory/1844-7-0x0000000004E80000-0x0000000004E8A000-memory.dmp

Filesize
40KB

Download
memory/1844-8-0x0000000004C80000-0x0000000004C90000-memory.dmp

Filesize
64KB

Download
memory/1844-9-0x0000000004C80000-0x0000000004C90000-memory.dmp

Filesize
64KB

Download
memory/1844-10-0x0000000008190000-0x00000000081F6000-memory.dmp

Filesize
408KB

Download
memory/1844-19-0x0000000074FA0000-0x0000000075750000-memory.dmp

Filesize
7.7MB

Download
memory/1844-20-0x0000000004C80000-0x0000000004C90000-memory.dmp

Filesize
64KB

Download
memory/1844-21-0x0000000004C80000-0x0000000004C90000-memory.dmp

Filesize
64KB

Download
memory/1844-22-0x0000000004C80000-0x0000000004C90000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads