Overview

overview

10

Static

static

10

26730d966c...eb.exe

windows7-x64

9

26730d966c...eb.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    141s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/03/2024, 18:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    26730d966c8cfb8793746125f89c2c07fce4096476fe9828a4236c870113dceb.exe

  • Size

    287KB

  • MD5

    003a5d20a262b1b6504bd7a337ce48cc

  • SHA1

    7b93401097c909c979945888a2d33053d2d3090b

  • SHA256

    26730d966c8cfb8793746125f89c2c07fce4096476fe9828a4236c870113dceb

  • SHA512

    ed031a1a8917c6863ad3f42a21b73c0d1c10c02c48b1c0397507fedbe968b27b6ad1b7bb831da3f1102e44c62c9eafb367c2fe49b46b9c03288ab4798ba92d06

  • SSDEEP

    6144:xVkqYS1B7cQkeRUl06NmZb70onH4mvhFSXyxsBVQEoPmAAXui7mul5Wv54zaK:ASjtV+06NmZb70onH4mvh0XyWBVQEcmz

Score
9/10

Malware Config

Signatures

  • Detects executables packed with ConfuserEx Mod 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\26730d966c8cfb8793746125f89c2c07fce4096476fe9828a4236c870113dceb.exe
    "C:\Users\Admin\AppData\Local\Temp\26730d966c8cfb8793746125f89c2c07fce4096476fe9828a4236c870113dceb.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:884
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1040 --field-trial-handle=2264,i,15001568551143786084,90255922961447677,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:2308

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/884-0-0x0000000075290000-0x0000000075A40000-memory.dmp

            Filesize

            7.7MB

            Download

          • memory/884-1-0x00000000006A0000-0x00000000006EC000-memory.dmp

            Filesize

            304KB

            Download

          • memory/884-2-0x0000000005020000-0x0000000005056000-memory.dmp

            Filesize

            216KB

            Download

          • memory/884-3-0x0000000005290000-0x00000000052A0000-memory.dmp

            Filesize

            64KB

            Download

          • memory/884-4-0x0000000009CD0000-0x000000000A274000-memory.dmp

            Filesize

            5.6MB

            Download

          • memory/884-5-0x0000000005340000-0x00000000053D2000-memory.dmp

            Filesize

            584KB

            Download

          • memory/884-6-0x0000000005260000-0x000000000526A000-memory.dmp

            Filesize

            40KB

            Download

          • memory/884-7-0x0000000075290000-0x0000000075A40000-memory.dmp

            Filesize

            7.7MB

            Download

          • memory/884-8-0x0000000005290000-0x00000000052A0000-memory.dmp

            Filesize

            64KB

            Download

          • memory/884-9-0x0000000005290000-0x00000000052A0000-memory.dmp

            Filesize

            64KB

            Download

          • memory/884-10-0x0000000005290000-0x00000000052A0000-memory.dmp

            Filesize

            64KB

            Download