Analysis
-
max time kernel
7s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
25/02/2024, 03:43
General
-
Target
78dac565314a7e69e1a85d90cc4955ea39164608fe9a89b7876cf0939e6e7596.exe
-
Size
45KB
-
MD5
c134629c566048cd653ce119a6eadd9d
-
SHA1
52121fde6fe179fc90a6e15caf9858a01a316165
-
SHA256
78dac565314a7e69e1a85d90cc4955ea39164608fe9a89b7876cf0939e6e7596
-
SHA512
40077966540d3cf037b4e8c6bb8cb8a62d9b83f192990ed7416f92e36e7b1e7601c2ce8029f5b779111740e2464b402fe9621568cf41273b3d184bbf39d3ad80
-
SSDEEP
768:wVyuvE72jc0SQxsBGVQum77NkAdltI7qLU/Md2spNpyYboJRDe5uw:wsBVQxsBGVQuCGATtI7q4/bcboDeYw
Score
9/10
Malware Config
Signatures
-
Contacts a large (3275) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\78dac565314a7e69e1a85d90cc4955ea39164608fe9a89b7876cf0939e6e7596.exe"C:\Users\Admin\AppData\Local\Temp\78dac565314a7e69e1a85d90cc4955ea39164608fe9a89b7876cf0939e6e7596.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
64KB
-
Filesize
10.8MB