Overview

overview

3

Static

static

3

c4fc4cbe87...f1.exe

windows7-x64

1

c4fc4cbe87...f1.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-03-2024 04:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c4fc4cbe8754288ac6c30c0ab41014f1.exe

  • Size

    534KB

  • MD5

    c4fc4cbe8754288ac6c30c0ab41014f1

  • SHA1

    fadffa591e3ec4fefd6d3afe7ade216cf3760eeb

  • SHA256

    52185ebd20bfb3e754d8f739e607096e4f4d79f506a5698f4ca90864f08fa81c

  • SHA512

    86fb5a897faa97703554f7ebbc5cd6da53cd3d3ded3d8fbcc182e0e989fe8bd7f0f1d0448d3c51a9ff608f918df1ecc397ec990e55e11228ac40ae5fb877f7d7

  • SSDEEP

    12288:AgM8ASY7VByYol8oTSMb7a41qm/L/GKcv/Pl2SpPNwO:AL7yviUSQaP0KKOl2SI

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 29 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c4fc4cbe8754288ac6c30c0ab41014f1.exe
    "C:\Users\Admin\AppData\Local\Temp\c4fc4cbe8754288ac6c30c0ab41014f1.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:4692

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4692-0-0x0000000000AB0000-0x0000000000B3C000-memory.dmp

    Filesize

    560KB

    Download

  • memory/4692-1-0x00000000744F0000-0x0000000074CA0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4692-2-0x0000000005470000-0x0000000005502000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4692-3-0x00000000053C0000-0x00000000053D0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4692-4-0x0000000002EB0000-0x0000000002ED0000-memory.dmp

    Filesize

    128KB

    Download

  • memory/4692-5-0x00000000053D0000-0x0000000005450000-memory.dmp

    Filesize

    512KB

    Download

  • memory/4692-6-0x0000000005510000-0x000000000555A000-memory.dmp

    Filesize

    296KB

    Download

  • memory/4692-7-0x0000000005B10000-0x00000000060B4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4692-8-0x0000000006F80000-0x0000000006FAA000-memory.dmp

    Filesize

    168KB

    Download

  • memory/4692-9-0x00000000744F0000-0x0000000074CA0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4692-10-0x00000000053C0000-0x00000000053D0000-memory.dmp

    Filesize

    64KB

    Download