Overview

overview

3

Static

static

3

6f9a2f6e9a...f2.exe

windows7-x64

1

6f9a2f6e9a...f2.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    66s
  • max time network
    129s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2023, 12:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6f9a2f6e9af4b46e78db520b36d8d2f2.exe

  • Size

    794KB

  • MD5

    6f9a2f6e9af4b46e78db520b36d8d2f2

  • SHA1

    ae63e550ae9b52dd45dd4d9a309504731eddda4e

  • SHA256

    c8f96f446c2b451616b70ebe0a2712dbeac8577f1298f25cde313e7717bc688d

  • SHA512

    eb90a1307a8876a853f6d0ab3e6374b1f5ecac112e98c48fa75cf119ec2a194eed6bbb781551af089d37f738592ff263d9dbd4dd35727a038770a73e1791be40

  • SSDEEP

    12288:0tq7+TnOo/mmrxaDqR28H9IzGiiwiqET4g7MUoxnsOEsj3d9TN:0ta+TB/VrvEocCwrET4g7yrEGt9T

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6f9a2f6e9af4b46e78db520b36d8d2f2.exe
    "C:\Users\Admin\AppData\Local\Temp\6f9a2f6e9af4b46e78db520b36d8d2f2.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2180-1-0x0000000074670000-0x0000000074E20000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/2180-0-0x00000000007E0000-0x00000000008AC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/2180-3-0x0000000005950000-0x0000000005EF4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/2180-4-0x0000000005440000-0x00000000054D2000-memory.dmp

    Filesize

    584KB

    Download

  • memory/2180-2-0x0000000005390000-0x00000000053A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2180-5-0x00000000056E0000-0x000000000575C000-memory.dmp

    Filesize

    496KB

    Download

  • memory/2180-6-0x0000000005870000-0x000000000587A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2180-8-0x0000000005F00000-0x0000000005F16000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2180-7-0x0000000005910000-0x000000000594E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2180-9-0x0000000005390000-0x00000000053A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2180-11-0x0000000074670000-0x0000000074E20000-memory.dmp

    Filesize

    7.7MB

    Download