Overview

overview

10

Static

static

10

bb15d0c336...b9.exe

windows7-x64

1

bb15d0c336...b9.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-03-2024 03:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bb15d0c336f73fc9c8fe1d675a218fb9.exe

  • Size

    1.3MB

  • MD5

    bb15d0c336f73fc9c8fe1d675a218fb9

  • SHA1

    63038db54838ec0eceb917e56d69c1a024096ca6

  • SHA256

    ba851696e371fb5168687c362a74bbca8f3a09fa5b7999f9c7b5294b39f2e92c

  • SHA512

    b12efc97b52eb0b7a21f85bde1c53ba0e239a870be4ed83a45c579bf67e2533d90db7f484704ac4f91730a752393fdf3fafb18a28eb75b10dfda29288672d3c2

  • SSDEEP

    24576:DbsT8+hPULj6gh0yXGlkDXbhAFGvy6PNDSVXT5Xdqt3ya:vGhPULjXhBXxfhAFGvAXT5XK1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bb15d0c336f73fc9c8fe1d675a218fb9.exe
    "C:\Users\Admin\AppData\Local\Temp\bb15d0c336f73fc9c8fe1d675a218fb9.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:628

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/628-2-0x00000202D3980000-0x00000202D39B4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/628-5-0x00007FFADEA50000-0x00007FFADF511000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/628-6-0x00000202EC3F0000-0x00000202EC400000-memory.dmp

    Filesize

    64KB

    Download

  • memory/628-7-0x00000202EC3F0000-0x00000202EC400000-memory.dmp

    Filesize

    64KB

    Download

  • memory/628-8-0x00000202EC3F0000-0x00000202EC400000-memory.dmp

    Filesize

    64KB

    Download

  • memory/628-9-0x00000202F1B60000-0x00000202F1B68000-memory.dmp

    Filesize

    32KB

    Download

  • memory/628-10-0x00000202EDC90000-0x00000202EDCC8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/628-11-0x00000202EDC60000-0x00000202EDC6E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/628-24-0x00007FFADEA50000-0x00007FFADF511000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/628-25-0x00000202EC3F0000-0x00000202EC400000-memory.dmp

    Filesize

    64KB

    Download

  • memory/628-26-0x00000202EC3F0000-0x00000202EC400000-memory.dmp

    Filesize

    64KB

    Download

  • memory/628-27-0x00000202EC3F0000-0x00000202EC400000-memory.dmp

    Filesize

    64KB

    Download

  • memory/628-28-0x00000202EC3F0000-0x00000202EC400000-memory.dmp

    Filesize

    64KB

    Download

  • memory/628-29-0x00000202EC3F0000-0x00000202EC400000-memory.dmp

    Filesize

    64KB

    Download