Overview

overview

3

Static

static

3

74f643fa28...a0.exe

windows7-x64

1

74f643fa28...a0.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    138s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-12-2023 14:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    74f643fa281f11d36a59c3958b0627a0.exe

  • Size

    596KB

  • MD5

    74f643fa281f11d36a59c3958b0627a0

  • SHA1

    ebcee25409f04db456d9d9019ca7ce3a1b0fb77b

  • SHA256

    9cb67de98983415f7f465b394168c45f71857043252277d0b23214f5f99dba31

  • SHA512

    9bac50ecf562a143c62d9d551f8ddaa01d5b2f39c5d86130f6e518302f593fad4296aa6c12ec1abc9077a2606f0ca075f887358eae479dee3f3c2e560f7af773

  • SSDEEP

    12288:31ubh/SosKVlla8PEM43pN60h4huu8lbqnBILOq418+Dd8u0ot4y9SUO8gni:FubJSOVl9f43pN6z8lb8Rq4b8g4y9SUn

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\74f643fa281f11d36a59c3958b0627a0.exe
    "C:\Users\Admin\AppData\Local\Temp\74f643fa281f11d36a59c3958b0627a0.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/348-0-0x000000001B7B0000-0x000000001B7E9000-memory.dmp

    Filesize

    228KB

    Download

  • memory/348-4-0x000000001BA10000-0x000000001BA18000-memory.dmp

    Filesize

    32KB

    Download

  • memory/348-6-0x000000001B8F0000-0x000000001B911000-memory.dmp

    Filesize

    132KB

    Download

  • memory/348-17-0x00007FF9FD480000-0x00007FF9FDF41000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/348-19-0x0000000000B50000-0x0000000000B60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/348-20-0x0000000000B50000-0x0000000000B60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/348-18-0x0000000000B50000-0x0000000000B60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/348-16-0x0000000036720000-0x0000000036742000-memory.dmp

    Filesize

    136KB

    Download

  • memory/348-5-0x00007FF9FEE40000-0x00007FF9FF7E1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/348-3-0x0000000000B50000-0x0000000000B60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/348-1-0x00007FF9FEE40000-0x00007FF9FF7E1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/348-22-0x00007FF9FEE40000-0x00007FF9FF7E1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/348-23-0x000000001B8F0000-0x000000001B911000-memory.dmp

    Filesize

    132KB

    Download

  • memory/348-25-0x0000000000B50000-0x0000000000B60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/348-24-0x00007FF9FD480000-0x00007FF9FDF41000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/348-26-0x0000000000B50000-0x0000000000B60000-memory.dmp

    Filesize

    64KB

    Download