Overview

overview

10

Static

static

3

CV Mariana...ez.exe

windows7-x64

1

CV Mariana...ez.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    27-03-2024 15:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CV Mariana Alvarez.exe

  • Size

    769KB

  • MD5

    8519bf7e8a082125a8f8e78e94eb6d49

  • SHA1

    e909b99cec15cc0de660d062994e508308a6a1ae

  • SHA256

    ba40c8faca19c45d887bb88acbc541e6d08e574fb0720a07656ee4d6cda202ae

  • SHA512

    439935219597ac1d0d8d4dce116861b7ac6ec8181bfd3939c2c3e4aeab3f04b6e134473260ca85d8548a8f57a71eac9cb5591a473044626a3d2dd63f49204ae0

  • SSDEEP

    12288:T7spRsBnr4VL+Dvg+jomvyMm+LTJSgaSK7q4VmnPjhz4tw3FKlzNevL7V:EpRsyBYoxl+P4rS4q2mP2C8lzq

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 13 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe
    "C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2664
    • C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe
      "C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe"
      2⤵
        PID:2464
      • C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe
        "C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe"
        2⤵
          PID:2672
        • C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe
          "C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe"
          2⤵
            PID:2496
          • C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe
            "C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe"
            2⤵
              PID:2608
            • C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe
              "C:\Users\Admin\AppData\Local\Temp\CV Mariana Alvarez.exe"
              2⤵
                PID:2592

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/2664-0-0x00000000003C0000-0x0000000000486000-memory.dmp

              Filesize

              792KB

              Download

            • memory/2664-1-0x0000000074DF0000-0x00000000754DE000-memory.dmp

              Filesize

              6.9MB

              Download

            • memory/2664-2-0x0000000004810000-0x0000000004850000-memory.dmp

              Filesize

              256KB

              Download

            • memory/2664-3-0x00000000004B0000-0x00000000004CA000-memory.dmp

              Filesize

              104KB

              Download

            • memory/2664-4-0x00000000004E0000-0x00000000004EC000-memory.dmp

              Filesize

              48KB

              Download

            • memory/2664-5-0x0000000005FE0000-0x0000000006062000-memory.dmp

              Filesize

              520KB

              Download

            • memory/2664-6-0x0000000074DF0000-0x00000000754DE000-memory.dmp

              Filesize

              6.9MB

              Download

            • memory/2664-7-0x0000000004810000-0x0000000004850000-memory.dmp

              Filesize

              256KB

              Download

            • memory/2664-8-0x0000000074DF0000-0x00000000754DE000-memory.dmp

              Filesize

              6.9MB

              Download