Overview

overview

6

Static

static

3

545489147a...f4.exe

windows7-x64

6

545489147a...f4.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    116s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2023, 04:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    545489147a9e44cbc2218e4b34b758f4.exe

  • Size

    4.4MB

  • MD5

    545489147a9e44cbc2218e4b34b758f4

  • SHA1

    a2848e1fc4de6e91a759502bb6c6601afb70bdf0

  • SHA256

    28fee647fb51161976bc8c89e81194fbeb1dcad71fb9926e99f5192e2f8486d4

  • SHA512

    58dd4115c7ae8831349475f39cd81343dc5c6466184c9808b9dbc30261e6dd6bb0df0e52dd58f91e27b0989f023dfc0c0bb0aa1f4544319553dff333fbc7b90c

  • SSDEEP

    98304:RtwuT/W5AUd2BiH3SdPVNHTlME9BbfFNpv/s8PQpsf7lrg:RCFHiHNyEzBNR/s8KsNg

Score
6/10

Malware Config

Signatures

  • Drops desktop.ini file(s) 2 IoCs
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Drops file in Windows directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 51 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\545489147a9e44cbc2218e4b34b758f4.exe
    "C:\Users\Admin\AppData\Local\Temp\545489147a9e44cbc2218e4b34b758f4.exe"
    1⤵
    • Drops desktop.ini file(s)
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4512

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4512-1-0x0000000000E00000-0x0000000000E10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-2-0x0000000074CD0000-0x0000000075281000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/4512-0-0x0000000074CD0000-0x0000000075281000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/4512-5-0x0000000074CD0000-0x0000000075281000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/4512-6-0x0000000000E00000-0x0000000000E10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-7-0x0000000074CD0000-0x0000000075281000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/4512-8-0x0000000000E00000-0x0000000000E10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-10-0x0000000074CD0000-0x0000000075281000-memory.dmp

    Filesize

    5.7MB

    Download