77a04922956ea23e6aaf979be6a1bdcb75483b19cc75fd97f1069e6c8b519260 | Triage

Analysis

max time kernel
144s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
30-12-2023 04:32

Sharing

Report Analysis Logs

General

Target

0e94568036342eb88736d9386d2bb8d1.exe
Size

91KB
MD5

0e94568036342eb88736d9386d2bb8d1
SHA1

987662faccc47da265a824dae297b0045d91c150
SHA256

77a04922956ea23e6aaf979be6a1bdcb75483b19cc75fd97f1069e6c8b519260
SHA512

79154087823f4e67fa9b0be46132b0728c659dbb799abe94d09b6db732bb646e414d2543b1a36f082ab2c44bc6a93013735ecd093826c15b92634ac7e728317f
SSDEEP

1536:EGwtRxOBJyypgmDjVwCfIAIYfGJmIMWtEMfgjtEFoR:NwtRonyypexoiNtxYGoR

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1084	0e94568036342eb88736d9386d2bb8d1.exe
1084	0e94568036342eb88736d9386d2bb8d1.exe

Suspicious behavior: MapViewOfSection 1 IoCs

pid	Process
1084	0e94568036342eb88736d9386d2bb8d1.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1084	0e94568036342eb88736d9386d2bb8d1.exe

C:\Users\Admin\AppData\Local\Temp\0e94568036342eb88736d9386d2bb8d1.exe
"C:\Users\Admin\AppData\Local\Temp\0e94568036342eb88736d9386d2bb8d1.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: MapViewOfSection
- Suspicious use of AdjustPrivilegeToken
PID:1084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads