Overview

overview

3

Static

static

3

client_id.txt

windows7-x64

1

client_id.txt

windows10-1703-x64

1

client_id.txt

windows11-21h2-x64

3

d_win_x64_ru.exe

windows7-x64

1

d_win_x64_ru.exe

windows10-1703-x64

1

d_win_x64_ru.exe

windows11-21h2-x64

1

Resubmissions

23-02-2024 21:26

240223-1am49aab9z 3

23-02-2024 21:19

240223-z6ay5aab3w 3

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    23-02-2024 21:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d_win_x64_ru.exe

  • Size

    9.3MB

  • MD5

    bee6834a0354d7d17b6ebdc877511613

  • SHA1

    25298eaed03ed3eeee285a1d7d30e6da2d1f6052

  • SHA256

    b4e33dd2890b2de85797fa535d0060556e563ead38f7e5d7be1a2773f8d4f71c

  • SHA512

    83a042f0973aa96ba10f6afc5ed47415ed637020fc2145bd5dc18ce2421aa5e067a3ea3536e34f4000e2f6abedeb9baa59dc0d059abc5e77e634bd7b4fd17a92

  • SSDEEP

    98304:iw7cvLrfonV14zG8ALWc/cH3tb8+E/oS:xoy1IG8ALWc/cH9b87

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d_win_x64_ru.exe
    "C:\Users\Admin\AppData\Local\Temp\d_win_x64_ru.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2780

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads