Overview

overview

7

Static

static

3

55abf5108b...d3.exe

windows7-x64

5

55abf5108b...d3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-03-2024 13:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    55abf5108b7d37710ade4a1e7331bc474f45edb8e6b77b7294f618e4aa9512d3.exe

  • Size

    4.0MB

  • MD5

    e854e6ef3fe29b84dbe51ca17f6fee90

  • SHA1

    e8c8ea18813c2523f09bc55a8394f8d787131931

  • SHA256

    55abf5108b7d37710ade4a1e7331bc474f45edb8e6b77b7294f618e4aa9512d3

  • SHA512

    97d2207bba664694e4f5ae8462c81176c58f11bddf61853aa62b170cb107d99105498ef6f9e4b8cdfd7e1be6d9fc442e9b541a6e8427900534ade3a67b18c1a8

  • SSDEEP

    49152:sjPJJsMg0UMp2viAEk2qtFoLuzO7ge9fDqgs16IQsYToE5vHs3M9sR:wP/0mpEeqgsMIQsYTXJs3/

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\55abf5108b7d37710ade4a1e7331bc474f45edb8e6b77b7294f618e4aa9512d3.exe
    "C:\Users\Admin\AppData\Local\Temp\55abf5108b7d37710ade4a1e7331bc474f45edb8e6b77b7294f618e4aa9512d3.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:1012
  • C:\Windows\System32\alg.exe
    C:\Windows\System32\alg.exe
    1⤵
    • Executes dropped EXE
    PID:1020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\System32\alg.exe
    Filesize

    661KB

    MD5

    a43630aedefd2ceb83bd0501761b9ea2

    SHA1

    7b61a5056885ec21e5b09cc3f291ee6bbca63f0d

    SHA256

    439fa165e0a176d35ce489c71e25d566319c41c381f837a8feed29b853bd7096

    SHA512

    27c2380e8c3739b6a05b13343b27ac1eec1cd9035bf0c462f80985b0c1ae5630c4cf433e70b2fa9f82005f22a8b2bdc48e91b2220560c25d1d29a1d588730743

    Download Submit

  • memory/1012-0-0x0000000002220000-0x0000000002280000-memory.dmp

    Filesize

    384KB

    Download

  • memory/1012-1-0x0000000140000000-0x0000000140408000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1012-7-0x0000000002220000-0x0000000002280000-memory.dmp

    Filesize

    384KB

    Download

  • memory/1012-13-0x0000000002220000-0x0000000002280000-memory.dmp

    Filesize

    384KB

    Download

  • memory/1012-15-0x0000000140000000-0x0000000140408000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1020-12-0x0000000140000000-0x00000001400AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1020-16-0x0000000140000000-0x00000001400AA000-memory.dmp

    Filesize

    680KB

    Download