Overview

overview

3

Static

static

3

c140de8f9b...e9.exe

windows7-x64

1

c140de8f9b...e9.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    152s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/03/2024, 18:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c140de8f9bdccd8f67b90627a225c6e9.exe

  • Size

    163KB

  • MD5

    c140de8f9bdccd8f67b90627a225c6e9

  • SHA1

    1d4247e5fe4556fe000af775d3b3641f3d44dd27

  • SHA256

    9759540f48c737ecf64305d96b05ef32396d821e3752f01e5e09aa0104780de5

  • SHA512

    4ad1658ec204d78fc31eac302754f6a286568b24c3e020fdbd14c8679294b1e157ede9a378280d18c826cc6dad45302294b87d69652c4c0b48e5ada3b6a64702

  • SSDEEP

    3072:inUOYZpu/bb/zLgO2K08hZXsiHJ9Zw1fyoePerDr50+q/h+GdM1vxH:qUPu///nJhJxK1fyojrS+q5hi

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c140de8f9bdccd8f67b90627a225c6e9.exe
    "C:\Users\Admin\AppData\Local\Temp\c140de8f9bdccd8f67b90627a225c6e9.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:392

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/392-0-0x0000000074CE0000-0x0000000075490000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/392-1-0x0000000000780000-0x00000000007B2000-memory.dmp

          Filesize

          200KB

          Download

        • memory/392-2-0x0000000005240000-0x0000000005250000-memory.dmp

          Filesize

          64KB

          Download

        • memory/392-3-0x0000000005A00000-0x0000000005FA4000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/392-4-0x0000000005450000-0x00000000054E2000-memory.dmp

          Filesize

          584KB

          Download

        • memory/392-5-0x00000000055E0000-0x00000000055EA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/392-6-0x0000000005240000-0x0000000005250000-memory.dmp

          Filesize

          64KB

          Download

        • memory/392-7-0x0000000074CE0000-0x0000000075490000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/392-8-0x0000000005240000-0x0000000005250000-memory.dmp

          Filesize

          64KB

          Download

        • memory/392-9-0x0000000005240000-0x0000000005250000-memory.dmp

          Filesize

          64KB

          Download