Overview

overview

7

Static

static

3

090f5d8fcc...89.exe

windows7-x64

7

090f5d8fcc...89.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    3s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 00:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    090f5d8fcc4a9abb7f9983f3c1d37889.exe

  • Size

    130KB

  • MD5

    090f5d8fcc4a9abb7f9983f3c1d37889

  • SHA1

    ba97d8b9a05f027365aef7208e625eb7f3fd394c

  • SHA256

    8f2d2592da266c23e8d424f550ab5513791dbf6265baf06c64cd5fa4880cfe3c

  • SHA512

    2fcfdd8be48ade1562c0e8f29d8f918fe64ef0d0691fa258978942e4f00a36a1afc2e3a3445279e6c3da8a1818f7ae4d0044b4149996d34249383f548ba2ff49

  • SSDEEP

    3072:hQJNU9ptYb/IZ7Iko27SZwFtsKNY9rcksw3ar1kIb7:hIiXYDW227acsYfL19

Score
7/10
spywarestealer

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\090f5d8fcc4a9abb7f9983f3c1d37889.exe
    "C:\Users\Admin\AppData\Local\Temp\090f5d8fcc4a9abb7f9983f3c1d37889.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2808

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2808-0-0x0000000001390000-0x00000000013B6000-memory.dmp

          Filesize

          152KB

          Download

        • memory/2808-1-0x000007FEF5C60000-0x000007FEF664C000-memory.dmp

          Filesize

          9.9MB

          Download

        • memory/2808-2-0x0000000000240000-0x0000000000272000-memory.dmp

          Filesize

          200KB

          Download

        • memory/2808-3-0x000000001AE70000-0x000000001AEF0000-memory.dmp

          Filesize

          512KB

          Download

        • memory/2808-112-0x000007FEF5C60000-0x000007FEF664C000-memory.dmp

          Filesize

          9.9MB

          Download