Overview

overview

8

Static

static

3

983c0c8c2e...44.exe

windows7-x64

8

983c0c8c2e...44.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    143s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/02/2024, 02:20

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    983c0c8c2e7a173226f1a975e4c47b44.exe

  • Size

    42KB

  • MD5

    983c0c8c2e7a173226f1a975e4c47b44

  • SHA1

    f08969baea3fd9de72becce9b49bd01d6a62abe1

  • SHA256

    4629f082e093e5af5e963f595c153b7dcde81165a1012f2745ca133bca42032f

  • SHA512

    ef9e50cf4ace91811e5ff9a4ba3adaf417788513680d004105975aa0a17979eb50045633b71c0a4b0ab0dadac66b854afca2fa5e90701eec587a6f2cd5f3bab5

  • SSDEEP

    768:AKBlzFAale2kD66VfaQfxfqHSjNhmn4Lgq:FXpAKe227faQfxfqyun4Eq

Score
8/10
persistence

Malware Config

Signatures

  • Sets file execution options in registry 2 TTPs 2 IoCs
    persistence
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 28 IoCs
  • Suspicious behavior: LoadsDriver 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\983c0c8c2e7a173226f1a975e4c47b44.exe
    "C:\Users\Admin\AppData\Local\Temp\983c0c8c2e7a173226f1a975e4c47b44.exe"
    1⤵
    • Sets file execution options in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:5012
    • C:\Users\Admin\AppData\Local\Temp\~240647437.ext
      C:\Users\Admin\AppData\Local\Temp\~240647437.ext
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      PID:3736

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\~240647437.ext
          Filesize

          7KB

          MD5

          e7db76d1c99a2eb024e196c3bfd5d65f

          SHA1

          3f96d41cf973600bc51050578137e9ca25811448

          SHA256

          416e4bee4ded3a8e5f633cd498229a6aa3c41bbe2b07bee6f439e19d3f11faf8

          SHA512

          9e9004e324a5b7dd5b97271d9e623b1acdff1cc379d6822b7a8fc72ef43bca271ff45fd29b067503a95e7255be428801402f96ee8f95b65f7dd9e0af92a03932

          Download Submit