Overview

overview

5

Static

static

3

a1b7b70910...56.exe

windows7-x64

5

a1b7b70910...56.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-03-2024 21:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a1b7b70910bf43da4c9be55ed32aa40c689703fc221d3c211545bc7579798656.exe

  • Size

    1.7MB

  • MD5

    f15206b14293f2a87fecf63f705666b0

  • SHA1

    857b13e790bb02d2200ae7abfe5d1a9783116920

  • SHA256

    a1b7b70910bf43da4c9be55ed32aa40c689703fc221d3c211545bc7579798656

  • SHA512

    6f9b773b6a38a1a064aa0b2ad8382142a4ba29d7eb794866270d8125f4c72c2e672efc3ac48d0a9af60b415fffc5dbd5766cbe1ddc60476cea9117a46d065d78

  • SSDEEP

    24576:hSxSNaAyi9hN0rTduSZpUR0GHrVQ1aW4mSOgv3isi:hSx85yi9z0NpAHrVQ1/fSNvi

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a1b7b70910bf43da4c9be55ed32aa40c689703fc221d3c211545bc7579798656.exe
    "C:\Users\Admin\AppData\Local\Temp\a1b7b70910bf43da4c9be55ed32aa40c689703fc221d3c211545bc7579798656.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:4492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4492-0-0x0000000140000000-0x000000014029A000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/4492-1-0x0000000002090000-0x00000000020F0000-memory.dmp

    Filesize

    384KB

    Download

  • memory/4492-8-0x0000000002090000-0x00000000020F0000-memory.dmp

    Filesize

    384KB

    Download

  • memory/4492-10-0x0000000002090000-0x00000000020F0000-memory.dmp

    Filesize

    384KB

    Download

  • memory/4492-12-0x0000000140000000-0x000000014029A000-memory.dmp

    Filesize

    2.6MB

    Download