Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-01-2024 01:47

General

  • Target

    3b951b05d913679115d9f6091f26db56.exe

  • Size

    232KB

  • MD5

    3b951b05d913679115d9f6091f26db56

  • SHA1

    fb9602fa4eb6f212fad4d7edbc2bbedfbfe01d76

  • SHA256

    3e13e8fa7dfcb6ffc1040242c300eadfd694f282c0a7a24476dc1f9f11c8eaab

  • SHA512

    e27213a4a33d28c3134057e7b9185a2887d324def6cff01dd18b0b35baf51ef3070e8e521a1917a96cb6da71cfccc3aabf7e5540c0e401eb4f5a4b83d1f67e86

  • SSDEEP

    3072:qZV7twFPr3jocgWJ8ZdA6tNMRo/wl3zN/XeyZvVSTSq2AeoNC42IY6:qj7tgPr3jolWaZ5t+9veNOoNj2IY6

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 18 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3b951b05d913679115d9f6091f26db56.exe
    "C:\Users\Admin\AppData\Local\Temp\3b951b05d913679115d9f6091f26db56.exe"
    • Drops file in Program Files directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2536

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2536-0-0x0000000000400000-0x0000000000443000-memory.dmp

    Filesize

    268KB

  • memory/2536-2-0x0000000000400000-0x0000000000443000-memory.dmp

    Filesize

    268KB