Analysis

  • max time kernel
    146s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64
    arch:x86
    image:win10v2004-20240226-en
    locale:en-us
    os:windows10-2004-x64
    system
  • submitted
    13/03/2024, 20:00

General

  • Target

    c6bcd79e4d42dd3592974f5a16b972d6.exe

  • Size

    32KB

  • MD5

    c6bcd79e4d42dd3592974f5a16b972d6

  • SHA1

    b08db0c1b2f46a15244269f426b0745d2524ea8f

  • SHA256

    cff5d3ba96f71c415215c0e5e21cd9ba4c8afe8ff51954496169406e739eec4c

  • SHA512

    20f57f385be11ac16022483f2f0c8c267806eec53426456d3cb897bf5886c7fecb3c8e8a15892a52367f6fa4f6e071bac15194eeb3112b1464ef99de6163ecea

  • SSDEEP

    768:WaG/yLPArALxNzMHS/cuQV8FAaytyGZZPoVa9Im:Wd/yLPArAtNzMy/FQV8FA5/oiIm

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 1 IoCs
  • Drops file in Windows directory 1 IoCs
  • Suspicious behavior: LoadsDriver 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c6bcd79e4d42dd3592974f5a16b972d6.exe
    "C:\Users\Admin\AppData\Local\Temp\c6bcd79e4d42dd3592974f5a16b972d6.exe"
    • Drops file in Drivers directory
    • Drops file in Windows directory
    • Suspicious use of AdjustPrivilegeToken
    PID:4496
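Taken together, the signatures (here and in the Signatures list above) describe a driver-dropper sequence: write a file under the drivers directory, enable SeLoadDriverPrivilege on the process token, load the driver. Note that the report attributes LoadsDriver to the run as a whole but not to PID 4496 in the process tree; Sysmon's DriverLoad event (Event 6) likewise carries no process ID, so on a real host the load has to be tied to the dropper by path. The following is an added example, not part of the report and not the sandbox's own signature logic: three rules run over a constructed set of Sysmon (Event 11 FileCreate, Event 6 DriverLoad) and Windows Security (Event 4703, token privilege adjusted) records. The PID and sample path come from the process tree above; the driver name `example.sys` and the PID 1234 noise events are invented for illustration.

```python
"""Re-derive the sandbox's driver-dropper signatures from host telemetry.

Added example with constructed events; not telemetry from the sample run and
not the sandbox vendor's rule set. Field names follow Sysmon (Event 11
FileCreate: TargetFilename; Event 6 DriverLoad: ImageLoaded, no ProcessId) and
the Windows Security log (Event 4703: EnabledPrivilegeList)."""
import ntpath
import re
from dataclasses import dataclass

DRIVERS_DIR = r"C:\Windows\System32\drivers"
WINDOWS_DIR = r"C:\Windows"
# Privilege a dropper enables on its token right before NtLoadDriver / SCM start.
DRIVER_PRIVS = {"SeLoadDriverPrivilege"}


@dataclass(frozen=True)
class Finding:
    rule: str
    pid: int
    detail: str


def _norm(path: str) -> str:
    # ntpath works on any host OS, so Windows paths normalise the same everywhere.
    return ntpath.normpath(path).lower()


def _under(path: str, root: str) -> bool:
    """True if path is root itself or lies anywhere below it."""
    p, r = _norm(path), _norm(root)
    return p == r or p.startswith(r + "\\")


def evaluate(events):
    """Return the findings the rules produce for a list of event dicts.

    Two passes: the first records every file a process created and scores the
    directory and privilege rules; the second attributes each driver load to
    the process that wrote that exact image path earlier, since Event 6 has
    no ProcessId of its own."""
    findings = []
    dropped = {}  # normalised path -> pid that created the file
    for ev in events:
        if ev["source"] == "sysmon" and ev["id"] == 11:
            target = ev["TargetFilename"]
            dropped[_norm(target)] = ev["pid"]
            # Both directory rules are independent: a drop under the drivers
            # directory is also a drop under the Windows directory.
            if _under(target, DRIVERS_DIR):
                findings.append(Finding("drops_file_in_drivers_dir", ev["pid"], target))
            if _under(target, WINDOWS_DIR):
                findings.append(Finding("drops_file_in_windows_dir", ev["pid"], target))
        elif ev["source"] == "security" and ev["id"] == 4703:
            # 4703 lists privileges one per line; be tolerant of other separators.
            raw = ev.get("EnabledPrivilegeList", "")
            enabled = set(filter(None, re.split(r"[\s,;]+", raw)))
            hit = enabled & DRIVER_PRIVS
            if hit:
                findings.append(Finding("adjust_privilege_token", ev["pid"], ", ".join(sorted(hit))))
    for ev in events:
        if ev["source"] == "sysmon" and ev["id"] == 6:
            image = _norm(ev["ImageLoaded"])
            if image in dropped:
                findings.append(Finding("loads_dropped_driver", dropped[image], ev["ImageLoaded"]))
    return findings


# Constructed sample telemetry. PID 4496 and the .exe path are from the report
# above; example.sys and the PID 1234 events are hypothetical.
SAMPLE_EVENTS = [
    {"source": "sysmon", "id": 1, "pid": 4496,
     "Image": r"C:\Users\Admin\AppData\Local\Temp\c6bcd79e4d42dd3592974f5a16b972d6.exe"},
    {"source": "security", "id": 4703, "pid": 4496,
     "EnabledPrivilegeList": "SeLoadDriverPrivilege", "DisabledPrivilegeList": "-"},
    {"source": "sysmon", "id": 11, "pid": 4496,
     "TargetFilename": r"C:\Windows\System32\drivers\example.sys"},
    {"source": "sysmon", "id": 6,
     "ImageLoaded": r"C:\Windows\System32\drivers\example.sys", "Signed": "false"},
    # Benign noise: an unrelated signed driver load, a Temp-directory drop,
    # and a privilege adjustment that has nothing to do with drivers.
    {"source": "sysmon", "id": 6,
     "ImageLoaded": r"C:\Windows\System32\drivers\tcpip.sys", "Signed": "true"},
    {"source": "sysmon", "id": 11, "pid": 1234,
     "TargetFilename": r"C:\Users\Admin\AppData\Local\Temp\stage.tmp"},
    {"source": "security", "id": 4703, "pid": 1234,
     "EnabledPrivilegeList": "SeShutdownPrivilege"},
]

if __name__ == "__main__":
    for f in evaluate(SAMPLE_EVENTS):
        print(f"{f.rule:28} pid={f.pid} {f.detail}")
```

On the constructed input only the PID 4496 chain fires: the privilege rule, both directory rules for the single drop, and the driver load attributed back through the dropped path; the signed `tcpip.sys` load and the PID 1234 events produce nothing. Two caveats for anyone turning this into a production rule: AdjustTokenPrivileges can only enable a privilege the token already holds, so a 4703 hit for SeLoadDriverPrivilege also tells you the sample is running elevated (consistent with the Admin profile path in the process tree), and legitimate installers enable the same privilege, so it is a correlating indicator, not a verdict on its own.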

Network

MITRE ATT&CK Matrix
