Overview

overview

10

Static

static

10

ida.exe

windows10-2004-x64

3

ida64.exe

windows10-2004-x64

3

idapyswitch.exe

windows10-2004-x64

1

idat.exe

windows10-2004-x64

1

idat64.exe

windows10-2004-x64

1

loaders/javaldr64.dll

windows10-2004-x64

1

loaders/lx.dll

windows10-2004-x64

1

loaders/lx64.dll

windows10-2004-x64

1

loaders/macho.dll

windows10-2004-x64

1

loaders/macho64.dll

windows10-2004-x64

1

loaders/mas.dll

windows10-2004-x64

1

loaders/mas64.dll

windows10-2004-x64

1

loaders/n64rom.dll

windows10-2004-x64

1

loaders/n64rom64.dll

windows10-2004-x64

1

loaders/ne.dll

windows10-2004-x64

1

loaders/ne64.dll

windows10-2004-x64

1

loaders/nlm.dll

windows10-2004-x64

1

loaders/nlm64.dll

windows10-2004-x64

1

loaders/omf.dll

windows10-2004-x64

1

loaders/omf64.dll

windows10-2004-x64

1

loaders/os9.dll

windows10-2004-x64

1

loaders/os964.dll

windows10-2004-x64

1

loaders/pdfldr.pdf

windows10-2004-x64

1

loaders/pe.dll

windows10-2004-x64

1

loaders/pe64.dll

windows10-2004-x64

1

loaders/pef.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    285s
  • max time network
    207s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-02-2024 13:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    idat64.exe

  • Size

    1.5MB

  • MD5

    8fbe42d205f4f7f36b5da4f7909868ee

  • SHA1

    bde9d1b0b9c3e387339bae9d99592ecb2f2f9a58

  • SHA256

    58a554b08bfc98042f7bbe42e2cfc7c19e1cd2b4957632bb9792719903567b76

  • SHA512

    b799eec49aaa9fb8ee7cf7bb5ff516636aadd25f4e31f34283f44e8af0411652814f7d3c46db4be2bb24aada5e0bc129481d8919ece7797058d1eb6d18bad539

  • SSDEEP

    24576:fdn3nxL7KYwqydvtm+aGfUZ/bIXG8WJNvnUyK1bDtJqpYwOYq3OyaaD4z0ZqhgN9:t3hwqyF4EUZ0W8ANvDKdxEpYxvaaMzkd

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\idat64.exe
    "C:\Users\Admin\AppData\Local\Temp\idat64.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1204

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads