Overview

overview

7

Static

static

3

d4ad53320a...61.exe

windows7-x64

7

d4ad53320a...61.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    18/03/2024, 23:49

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d4ad53320a8fa20651b431026d2a3661.exe

  • Size

    46KB

  • MD5

    d4ad53320a8fa20651b431026d2a3661

  • SHA1

    30921087af7313d4a094e96a6562c36d9a5e0253

  • SHA256

    c1b7f8d284191375362fa5e65a5bafa9bf0a6d73532a699c6f14a2e895b325a5

  • SHA512

    093bfaced2e58174b2dc9287cdadb60e58446cfe04403c6b3cba3b83f225fa79e121ef96694c4063b839a9a393197cca8ec6581f0904baeede3a7786f1f14324

  • SSDEEP

    768:V2jugpZzAncJrXmPWz5EqANBv60fk/0BDB7o/tqm2GMO8zCXRmSNPH:ITzZJXV6BhtfksBVc/vAO8zCsSZ

Score
7/10
discoveryspywarestealer

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\d4ad53320a8fa20651b431026d2a3661.exe
    "C:\Users\Admin\AppData\Local\Temp\d4ad53320a8fa20651b431026d2a3661.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2988

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2988-0-0x0000000013140000-0x0000000013183000-memory.dmp

          Filesize

          268KB

          Download

        • memory/2988-1-0x0000000013140000-0x0000000013183000-memory.dmp

          Filesize

          268KB

          Download