Overview

overview

3

Static

static

3

b8cfa996f8...b9.exe

windows7-x64

1

b8cfa996f8...b9.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/03/2024, 13:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b8cfa996f8b0edbadf79b86c24b73bb9.exe

  • Size

    2.8MB

  • MD5

    b8cfa996f8b0edbadf79b86c24b73bb9

  • SHA1

    2310b098efb13782f249890eb6ab7bb7eee5a1d8

  • SHA256

    d5f8097f5e83611b82bb238a4f04dd4318bd43f26a3232a16e4dc7c1ae48827f

  • SHA512

    60ddc061bc0ff50edf93fbbe017fc5012ac876ea6cdcc1488fb828a147499dc7a7a273c0068ecdc1307c6b40cede04430de42ca66052e7f607a9806f9ecc0f98

  • SSDEEP

    49152:LakOElMaFLkhsNBk9/fw2BwfmM0fGc9IW1dXgfC/MHmgVljgCWlIssZLi5lKr++:Lak7WsNi9XwgwfoOc9IW1dXgfC/MHmgL

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b8cfa996f8b0edbadf79b86c24b73bb9.exe
    "C:\Users\Admin\AppData\Local\Temp\b8cfa996f8b0edbadf79b86c24b73bb9.exe"
    1⤵
      PID:2532
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4464
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:1836

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/1836-0-0x0000014D94B50000-0x0000014D94B60000-memory.dmp

              Filesize

              64KB

              Download

            • memory/1836-16-0x0000014D94C50000-0x0000014D94C60000-memory.dmp

              Filesize

              64KB

              Download

            • memory/1836-32-0x0000014D9CFC0000-0x0000014D9CFC1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/1836-34-0x0000014D9CFF0000-0x0000014D9CFF1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/1836-35-0x0000014D9CFF0000-0x0000014D9CFF1000-memory.dmp

              Filesize

              4KB

              Download

            • memory/1836-36-0x0000014D9D100000-0x0000014D9D101000-memory.dmp

              Filesize

              4KB

              Download