Overview

overview

3

Static

static

3

b726a67ab8...7a.exe

windows7-x64

1

b726a67ab8...7a.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/03/2024, 10:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b726a67ab8fa671ccc1513879da4927a.exe

  • Size

    82KB

  • MD5

    b726a67ab8fa671ccc1513879da4927a

  • SHA1

    2ec91b75fe9fecd8d26b196b262c58f0e49ef8a0

  • SHA256

    26a7a46b94001a77ea872ae01c72bb99fafe8f83e46cbaee0716b427e6eb2e46

  • SHA512

    35c7ee2409e47032189cb67576b7835422b5b9167359663ef07b3f5dd7ff2c4ec007f6896739d44e1495691c41861519bcb284458beb35c6902f7674877214bf

  • SSDEEP

    1536:hLk+62DRA75gf9GeAsCI/dOo1eSq28z6t96+UQE6FTlgAAWkC:Nf62O89RCAdHeSqnzu9lE69OAAQ

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b726a67ab8fa671ccc1513879da4927a.exe
    "C:\Users\Admin\AppData\Local\Temp\b726a67ab8fa671ccc1513879da4927a.exe"
    1⤵
      PID:3684
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x4fc 0x2f4
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:3920

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3684-0-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-1-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-2-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-3-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-4-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-5-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-6-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-7-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-8-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-9-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-10-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-11-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-12-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-13-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-14-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/3684-15-0x0000000000400000-0x000000000044A000-memory.dmp

      Filesize

      296KB

      Download