Overview

overview

3

Static

static

3

976ea772ad...3b.exe

windows7-x64

1

976ea772ad...3b.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/02/2024, 14:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    976ea772ad3a09c2611bda71e6f6773b.exe

  • Size

    102KB

  • MD5

    976ea772ad3a09c2611bda71e6f6773b

  • SHA1

    5dea061729552290d1d5dab89cfc2433a3d07ef7

  • SHA256

    e5ca761f7c415dab667b68c703dca4712c6fa23e236999526c3c38f02e5fff36

  • SHA512

    c772530e85487db12965332c70d85d44b5575c83896be1761c2145256bfb54e49994cb100c5299e65723e916247d20ed71ffff631548f84a626216046b7aa309

  • SSDEEP

    1536:GPK8TzbMP1uAZfCXxB2oHeV0cWX2Hs9C3uh5lVIWLtdGgvLXlApMyGxc:GvbMPQ2fiIs2Hs9Ik5XVLtdGgvbq6y+c

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\976ea772ad3a09c2611bda71e6f6773b.exe
    "C:\Users\Admin\AppData\Local\Temp\976ea772ad3a09c2611bda71e6f6773b.exe"
    1⤵
      PID:3068
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x318 0x2fc
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:504

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3068-0-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-1-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-2-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-3-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-4-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-5-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-6-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-7-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-8-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-9-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-10-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-11-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-12-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-13-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-14-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/3068-15-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download