Overview

overview

10

Static

static

10

37214b3734...75.exe

windows7-x64

1

37214b3734...75.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    192s
  • max time network
    183s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/03/2024, 08:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    37214b37345bfbeeacf7b83ecb4e1ce0044acc2066d14e7ef9a87fd56a3b5975.exe

  • Size

    7.0MB

  • MD5

    c6208c4b168c2f8c433d6473e8ce3fb5

  • SHA1

    f9887e0cb144b3c68ff77017c6fef55f1da38b64

  • SHA256

    37214b37345bfbeeacf7b83ecb4e1ce0044acc2066d14e7ef9a87fd56a3b5975

  • SHA512

    7c17b71806497e5722b79ddd11e4ffe3fba57611121e19a2acfb06b65d0e4b55a2842e031a286eecbbbeb99ec6d196d27c2e49359a207a92884a31017dce3d12

  • SSDEEP

    98304:i4nOqpxV0AFE9iE/kxjSuqC82WpUlCnrwqJlmvq:bpxV0D9S56j2SYorwq7eq

Score
7/10

Malware Config

Signatures

  • Drops startup file 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\37214b37345bfbeeacf7b83ecb4e1ce0044acc2066d14e7ef9a87fd56a3b5975.exe
    "C:\Users\Admin\AppData\Local\Temp\37214b37345bfbeeacf7b83ecb4e1ce0044acc2066d14e7ef9a87fd56a3b5975.exe"
    1⤵
    • Drops startup file
    PID:4612
  • C:\Windows\system32\rundll32.exe
    "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
    1⤵
      PID:3532
    • C:\Windows\System32\svchost.exe
      C:\Windows\System32\svchost.exe -k UnistackSvcGroup
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:4892

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4892-1-0x0000019610840000-0x0000019610850000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4892-17-0x0000019610940000-0x0000019610950000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4892-33-0x0000019618EE0000-0x0000019618EE1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-34-0x0000019618F00000-0x0000019618F01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-35-0x0000019618F00000-0x0000019618F01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-36-0x0000019618F00000-0x0000019618F01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-37-0x0000019618F00000-0x0000019618F01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-38-0x0000019618F00000-0x0000019618F01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-39-0x0000019618F00000-0x0000019618F01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-40-0x0000019618F00000-0x0000019618F01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-41-0x0000019618F00000-0x0000019618F01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-42-0x0000019618F00000-0x0000019618F01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-43-0x0000019618F00000-0x0000019618F01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-44-0x0000019618B30000-0x0000019618B31000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-45-0x0000019618B20000-0x0000019618B21000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-47-0x0000019618B30000-0x0000019618B31000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-50-0x0000019618B20000-0x0000019618B21000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-53-0x0000019618A60000-0x0000019618A61000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-65-0x0000019618C60000-0x0000019618C61000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-67-0x0000019618C70000-0x0000019618C71000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-68-0x0000019618C70000-0x0000019618C71000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4892-69-0x0000019618D80000-0x0000019618D81000-memory.dmp

      Filesize

      4KB

      Download