Overview

overview

3

Static

static

3

Future_Fragments.exe

windows7-x64

1

Future_Fragments.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    43s
  • max time network
    62s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28/02/2024, 04:22

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Future_Fragments.exe

  • Size

    377.6MB

  • MD5

    94875a7521e2ed5360062dd18dac920a

  • SHA1

    2b130163da035eed845840ee7fa81582510aef82

  • SHA256

    2085278e881ab9b64c3c27a6448e567d8aa6766124b9bdfa8e1247e2a40c7438

  • SHA512

    8cf51be2341be17726e9c3de0bc0f2c82a85eae4ed4ca5c9f75833727faa05f02490019e657d0f9a3ab07abe0488fcd23a0c5ee5da20feff985f3d7908b5cc80

  • SSDEEP

    6291456:FcRvZBm8e8YY/Eqa+gwKz+JoRtrMaKxrnijpirhli5hcD2RDzt1N9Bk/LHZGfriJ:FcRR0qdJoPXKxrnijpi3n237q/DZGD4b

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Future_Fragments.exe
    "C:\Users\Admin\AppData\Local\Temp\Future_Fragments.exe"
    1⤵
      PID:2600
    • C:\Windows\eHome\ehshell.exe
      "C:\Windows\eHome\ehshell.exe" /prefetch:1003 "C:\Users\Admin\Desktop\StepEnable.DVR"
      1⤵
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      PID:2828

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/2828-2-0x000007FEF5620000-0x000007FEF5FBD000-memory.dmp

            Filesize

            9.6MB

            Download

          • memory/2828-1-0x0000000002220000-0x00000000022A0000-memory.dmp

            Filesize

            512KB

            Download

          • memory/2828-0-0x000007FEF5620000-0x000007FEF5FBD000-memory.dmp

            Filesize

            9.6MB

            Download

          • memory/2828-3-0x0000000002220000-0x00000000022A0000-memory.dmp

            Filesize

            512KB

            Download

          • memory/2828-5-0x0000000002220000-0x00000000022A0000-memory.dmp

            Filesize

            512KB

            Download

          • memory/2828-6-0x000000001DCB0000-0x000000001E2B8000-memory.dmp

            Filesize

            6.0MB

            Download

          • memory/2828-7-0x000000001E2C0000-0x000000001E444000-memory.dmp

            Filesize

            1.5MB

            Download