336be3a20ae8a36962ffd26b1ec7fb0ec2274a860dd9423b16ff817d29f1908a

Analysis

max time kernel
150s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
01-01-2024 15:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

133dd26c0a6bfbbbe309a845d6f0f382345bdb31595474eb57138ea34c4ddbf0.exe
Size

32KB
MD5

02669bb4920f01b688d66a13b0c89ff8
SHA1

61cb7e7bfd29dda1b430a7efd2c911774eb21ec6
SHA256

133dd26c0a6bfbbbe309a845d6f0f382345bdb31595474eb57138ea34c4ddbf0
SHA512

ee3b6b340005ae3c4449fa42082a2a6ca10df3ca5402971023c773ce0e50023fd54acd5ee60ab8587988812269efde26a9b66aab000fbb8df50e9105e80a43a6
SSDEEP

384:mlI2Fg+LNTrepswOk+k6b/tNPyzlZcmnvyl5Zc8gED+dPHaYxzEPh9rTxyJW/pZW:mdrL6T+nb1nhYNwyc

Score

10^/10

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.gmail.com
Port:
587
Username:
[email protected]
Password:
123456aA@

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	3548	133dd26c0a6bfbbbe309a845d6f0f382345bdb31595474eb57138ea34c4ddbf0.exe

C:\Users\Admin\AppData\Local\Temp\133dd26c0a6bfbbbe309a845d6f0f382345bdb31595474eb57138ea34c4ddbf0.exe
"C:\Users\Admin\AppData\Local\Temp\133dd26c0a6bfbbbe309a845d6f0f382345bdb31595474eb57138ea34c4ddbf0.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3548-0-0x00007FFCD0070000-0x00007FFCD0A11000-memory.dmp

Filesize
9.6MB

Download
memory/3548-1-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download
memory/3548-3-0x000000001B9D0000-0x000000001BE9E000-memory.dmp

Filesize
4.8MB

Download
memory/3548-4-0x000000001BF40000-0x000000001BFDC000-memory.dmp

Filesize
624KB

Download
memory/3548-2-0x00007FFCD0070000-0x00007FFCD0A11000-memory.dmp

Filesize
9.6MB

Download
memory/3548-5-0x000000001BFE0000-0x000000001BFE8000-memory.dmp

Filesize
32KB

Download
memory/3548-6-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download
memory/3548-7-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download
memory/3548-9-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download
memory/3548-8-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download
memory/3548-10-0x00007FFCD0070000-0x00007FFCD0A11000-memory.dmp

Filesize
9.6MB

Download
memory/3548-11-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download
memory/3548-12-0x00007FFCD0070000-0x00007FFCD0A11000-memory.dmp

Filesize
9.6MB

Download
memory/3548-13-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download
memory/3548-14-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download
memory/3548-15-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download
memory/3548-16-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads