Overview

overview

10

Static

static

10

zzhx3xgq.exe

windows7-x64

1

zzhx3xgq.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-01-2024 03:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    zzhx3xgq.exe

  • Size

    1.5MB

  • MD5

    a3e3d841cd7044897873378317693fdb

  • SHA1

    80cbd7b77b0bedaa0f1cb80c007a45d84f5b0079

  • SHA256

    89f4c5f07cb75c9a8859ffae41aadd4aa7da2fdea29e1241805a01ce317ca186

  • SHA512

    9141fe371c73552bfba2412a2b9f3bed0ca7674da591b9fc0115dbc5d2a5b1439516d6b0dc7aefda1e03925adc894a29ef0179d7e65ca80afecbb43c8e96f1fd

  • SSDEEP

    24576:Zrayc157T3W5JNaWm8oeGFhNzu60gDS0QOOuHbJ7mcx:ZcbQNA8oFFDD00QMHV7mcx

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\zzhx3xgq.exe
    "C:\Users\Admin\AppData\Local\Temp\zzhx3xgq.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:5088

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5088-0-0x0000024CE98A0000-0x0000024CE98DE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/5088-1-0x00007FFE262E0000-0x00007FFE26DA1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/5088-2-0x0000024CEA440000-0x0000024CEA450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-3-0x0000024CEA440000-0x0000024CEA450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-4-0x0000024CEA440000-0x0000024CEA450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-6-0x0000024CEA440000-0x0000024CEA450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-5-0x0000024CEA440000-0x0000024CEA450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-19-0x00007FFE262E0000-0x00007FFE26DA1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/5088-20-0x0000024CEA440000-0x0000024CEA450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-21-0x0000024CEA440000-0x0000024CEA450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-22-0x0000024CEA440000-0x0000024CEA450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-23-0x0000024CEA440000-0x0000024CEA450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-24-0x0000024CEA440000-0x0000024CEA450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5088-25-0x0000024CEA440000-0x0000024CEA450000-memory.dmp

    Filesize

    64KB

    Download