Overview

overview

3

Static

static

3

458f78c4a2...da.exe

windows7-x64

1

458f78c4a2...da.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    1s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    06/01/2024, 06:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    458f78c4a22fcfce04e16b6836c90fda.exe

  • Size

    14.1MB

  • MD5

    458f78c4a22fcfce04e16b6836c90fda

  • SHA1

    cbf5cad2e088bc78ce36dbe6906fd4fee6eecaad

  • SHA256

    3f45f1d83d236aefd82cc47e77540518f92161bf7bba431c4cb7efab2a2647d6

  • SHA512

    3f66fdff5f9eec273c372da48f97ec1760b98e86b8cd1d96f60daca745cfeab46a35a78e22ac9da99dcaf221f08cf8031a8f5f75287b87159f935426291faca0

  • SSDEEP

    196608:f88mbmIklyu9YIk1Ig7HGoAhLK8TNY36p4cGqH3G8MsedhEmAYUNbdLrp74NClzB:Zw0h1hhL9237+BDBYUNb74kd

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\458f78c4a22fcfce04e16b6836c90fda.exe
    "C:\Users\Admin\AppData\Local\Temp\458f78c4a22fcfce04e16b6836c90fda.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2856
  • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2436 CREDAT:275457 /prefetch:2
    1⤵
      PID:2836
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" -startmediumtab -Embedding
      1⤵
        PID:2436

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2856-0-0x0000000073F30000-0x000000007461E000-memory.dmp

        Filesize

        6.9MB

        Download

      • memory/2856-1-0x0000000000150000-0x0000000000F6E000-memory.dmp

        Filesize

        14.1MB

        Download

      • memory/2856-2-0x0000000002FA0000-0x0000000002FE0000-memory.dmp

        Filesize

        256KB

        Download

      • memory/2856-4-0x0000000001140000-0x000000000114A000-memory.dmp

        Filesize

        40KB

        Download

      • memory/2856-3-0x0000000001140000-0x000000000114A000-memory.dmp

        Filesize

        40KB

        Download

      • memory/2856-5-0x0000000002FA0000-0x0000000002FE0000-memory.dmp

        Filesize

        256KB

        Download

      • memory/2856-12-0x0000000002FA0000-0x0000000002FE0000-memory.dmp

        Filesize

        256KB

        Download

      • memory/2856-13-0x0000000073F30000-0x000000007461E000-memory.dmp

        Filesize

        6.9MB

        Download

      • memory/2856-14-0x0000000002FA0000-0x0000000002FE0000-memory.dmp

        Filesize

        256KB

        Download

      • memory/2856-16-0x0000000001140000-0x000000000114A000-memory.dmp

        Filesize

        40KB

        Download

      • memory/2856-15-0x0000000001140000-0x000000000114A000-memory.dmp

        Filesize

        40KB

        Download

      • memory/2856-21-0x0000000005E80000-0x0000000005E82000-memory.dmp

        Filesize

        8KB

        Download