Overview

overview

3

Static

static

3

c642e61825...e8.exe

windows7-x64

1

c642e61825...e8.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/03/2024, 15:46

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c642e618252496148e19279660b824e8.exe

  • Size

    356KB

  • MD5

    c642e618252496148e19279660b824e8

  • SHA1

    f04ae3116972f5032f2ce3153bdf758db64c4508

  • SHA256

    b8700f1bd50d24669cfda825b2d01d8fd80448cd4506c2cf5a9f3c4775787c70

  • SHA512

    9911a10b7b497a67046419c74325f07147b769a030818c382bef60e02ef2a1da447d7bf4281bd2a6faee78b06fcee1e2691811ee1d62cef795aed941c114e7df

  • SSDEEP

    6144:DNGJlZCJFJZ2AuUrf/Ets+mmqmmmmmk+qClk50Yr+:BGJlZCJFJZYts+mmqmmmmmkyk50L

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c642e618252496148e19279660b824e8.exe
    "C:\Users\Admin\AppData\Local\Temp\c642e618252496148e19279660b824e8.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4964

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4964-0-0x00007FF8E4EB0000-0x00007FF8E5851000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/4964-1-0x0000000000E70000-0x0000000000E80000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4964-2-0x00007FF8E4EB0000-0x00007FF8E5851000-memory.dmp

          Filesize

          9.6MB

          Download

        • memory/4964-4-0x00007FF8E4EB0000-0x00007FF8E5851000-memory.dmp

          Filesize

          9.6MB

          Download