Overview

overview

1

Static

static

1

c9fc26b2c1...52.exe

windows7-x64

1

c9fc26b2c1...52.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-03-2024 00:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c9fc26b2c16a08e38aa8fc2264b79052.exe

  • Size

    1.2MB

  • MD5

    c9fc26b2c16a08e38aa8fc2264b79052

  • SHA1

    984297683156fa4229bda79480a83ddaf451c81c

  • SHA256

    11808159d808542b4ba5fd3241a28a7733b76c7d5b5559b3efd5f3336460e364

  • SHA512

    b09a8899a6337e30a928d2759a79a8eea7d0d0587344f4c318667f322ccd64da2597e2e4896cfb232db0008b0c9d9c4b03cd1f1121fb85f34ff995f356ec730e

  • SSDEEP

    12288:jvlm+YpSnw4flm+YpSnw4j7hOJL+gC18BbzUlm+YpSnw4y:Llblv78JL+gWOUlu

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c9fc26b2c16a08e38aa8fc2264b79052.exe
    "C:\Users\Admin\AppData\Local\Temp\c9fc26b2c16a08e38aa8fc2264b79052.exe"
    1⤵
      PID:372
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:1376
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2456

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        0c21c605fe952cd27221bb16946233fb

        SHA1

        68aa36ff8bea674708a85d2b05e3df4daf6ec9d5

        SHA256

        19ed317659c755607311f0470345e2e17f563361a7e9f9f55536edccfe53ab3b

        SHA512

        8296c78dafd4e798cf358f92595a83ed72ebb8b752c446fe1b92991d30436fcad2dc0bf2eb19b78b9b77f3a9d6994fa0a9538a4d8be42ef265ba084456589f4a

        Download Submit

      • memory/372-0-0x0000000065150000-0x0000000065281000-memory.dmp

        Filesize

        1.2MB

        Download

      • memory/372-1-0x0000000065150000-0x0000000065281000-memory.dmp

        Filesize

        1.2MB

        Download

      • memory/2456-42-0x0000029F1AC80000-0x0000029F1AC81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-44-0x0000029F1AC80000-0x0000029F1AC81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-35-0x0000029F1AC80000-0x0000029F1AC81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-36-0x0000029F1AC80000-0x0000029F1AC81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-37-0x0000029F1AC80000-0x0000029F1AC81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-38-0x0000029F1AC80000-0x0000029F1AC81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-39-0x0000029F1AC80000-0x0000029F1AC81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-40-0x0000029F1AC80000-0x0000029F1AC81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-41-0x0000029F1AC80000-0x0000029F1AC81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-18-0x0000029F12680000-0x0000029F12690000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2456-43-0x0000029F1AC80000-0x0000029F1AC81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-34-0x0000029F1AC70000-0x0000029F1AC71000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-45-0x0000029F1A8C0000-0x0000029F1A8C1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-46-0x0000029F1A8B0000-0x0000029F1A8B1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-54-0x0000029F1A7F0000-0x0000029F1A7F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-68-0x0000029F1AA00000-0x0000029F1AA01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-70-0x0000029F1AB10000-0x0000029F1AB11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-69-0x0000029F1AA00000-0x0000029F1AA01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-66-0x0000029F1A9F0000-0x0000029F1A9F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-2-0x0000029F12580000-0x0000029F12590000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2456-51-0x0000029F1A8B0000-0x0000029F1A8B1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2456-48-0x0000029F1A8C0000-0x0000029F1A8C1000-memory.dmp

        Filesize

        4KB

        Download