Analysis

  • max time kernel
    122s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    10/01/2024, 17:40

General

  • Target

    client.exe

  • Size

    129KB

  • MD5

    8b8c84e64779e1e6d3022bccdf333905

  • SHA1

    228e7d96c64a534451706ff60436cb283b367b8f

  • SHA256

    06a6bba369ccd42e8d297ea58b231551e98d10fb57715e611d0f26d84dbb6954

  • SHA512

    219150cb7d2384501b8f9d5b8514658c50854cc26f80cabc3c80307dd201622afaf722a2deb66423e46386a4e8b6b6fc355570639619e3e2814f4622338b38d4

  • SSDEEP

    3072:f4vwMUfzbspKNMOccF6l3iMAelbWTz6nLYXDMxp:fowMUMyMOUIGbW0S

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\client.exe
    "C:\Users\Admin\AppData\Local\Temp\client.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:2480

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/2480-0-0x000000013FA00000-0x000000013FA24000-memory.dmp

          Filesize

          144KB

        • memory/2480-1-0x000007FEF5AC0000-0x000007FEF64AC000-memory.dmp

          Filesize

          9.9MB

        • memory/2480-2-0x000000001BE80000-0x000000001BF00000-memory.dmp

          Filesize

          512KB

        • memory/2480-3-0x000007FEF5AC0000-0x000007FEF64AC000-memory.dmp

          Filesize

          9.9MB

        • memory/2480-4-0x000000001BE80000-0x000000001BF00000-memory.dmp

          Filesize

          512KB