Overview

overview

3

Static

static

3

00d84c9e49...8e.exe

windows7-x64

1

00d84c9e49...8e.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    153s
  • max time network
    161s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 02:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    00d84c9e4904c8ad0f67f8e0e3324c8e.exe

  • Size

    7KB

  • MD5

    00d84c9e4904c8ad0f67f8e0e3324c8e

  • SHA1

    3d49c6f4b7f5d66efd34bb0d9fbeac484f0abc43

  • SHA256

    786967dd81975bde25efd54d6de4f68191f85736cac1f21cb7b5a6300f9eb742

  • SHA512

    8c6fa6fe4c39059922ea0d4c1dc2cae152e1f2b8e3596cf835177b815e98ff033abd4c6b1bf5fb5601bfe5a9b8de706b000c32747e3cdaeb7b1047dcbbce3135

  • SSDEEP

    96:oLcpy/mSseVqiCVvttZPvMa/BcgZCGElAhhWQJdoaOM4HuEcXlJmj5dFjZ:oLcoDse8RvzZPPZf5EofoaOHHcXli7

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\00d84c9e4904c8ad0f67f8e0e3324c8e.exe
    "C:\Users\Admin\AppData\Local\Temp\00d84c9e4904c8ad0f67f8e0e3324c8e.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:3344
  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:3528

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads