Overview

overview

3

Static

static

3

7937b8b2b8...38.exe

windows7-x64

1

7937b8b2b8...38.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    105s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/03/2024, 22:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7937b8b2b8cbfc139d43e5e8393e439cf2fc58c4ce848ff28601e5f83b235438.exe

  • Size

    2.4MB

  • MD5

    834b48c2d1cb1e5b889a9d9022388f73

  • SHA1

    3423f20fe7a7c283a433563fa391c6084350b71b

  • SHA256

    7937b8b2b8cbfc139d43e5e8393e439cf2fc58c4ce848ff28601e5f83b235438

  • SHA512

    49241de19a86336543d6bfcb91b46191e8319f732c72dcf870dd68621da9114935c2181e49bcfd42239406ddf5e975bbdc7597b65b021813203cb33d2e64662b

  • SSDEEP

    49152:OauEgfZzmNyPI1qr+4etgNq2SxlcQ/56txGt48Xy0a:OZZpg1qGtgk2SXb56txGt4+yR

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7937b8b2b8cbfc139d43e5e8393e439cf2fc58c4ce848ff28601e5f83b235438.exe
    "C:\Users\Admin\AppData\Local\Temp\7937b8b2b8cbfc139d43e5e8393e439cf2fc58c4ce848ff28601e5f83b235438.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:4780

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\FXTT\7937b8b2b8cbfc139d43e5e83_Url_fwaxxshcncds0fxtp23efzspjvwv4elt\2.2.26.0\user.config
          Filesize

          875B

          MD5

          553636724737de5a9ba81a82d1d49e19

          SHA1

          dd8238fd7c21db7532020d5d4aeec472060d9869

          SHA256

          c7c5d23fb4e03c8cfa7bc80e45f62ea635b1a0f17b13409b80e70637ea244ede

          SHA512

          19b8b58285018a305d215e1290bb66fecc2c29f68d4a7422488b8a113fb8c147f391f2ee8f2346822af3827485f8bec0b46bb38dc5457b6504029e43d40820a3

          Download Submit

        • C:\Users\Admin\AppData\Local\FXTT\7937b8b2b8cbfc139d43e5e83_Url_fwaxxshcncds0fxtp23efzspjvwv4elt\2.2.26.0\user.config
          Filesize

          9KB

          MD5

          f06fc1304e5600b2328241cf05d37e3b

          SHA1

          3547b245311776a9ce849c52277ecd202e448b2c

          SHA256

          e932b01ccac069a7a68a4e0db7cb976fb39f5718076e8dbb4c4ad5195de66b77

          SHA512

          7fc7b29f981749c652c4eac2e5954159a2fd5da9c5571e6602766985edc77668a937abfcce9a5345f8c27eb27b8e3a15cd7e4cc71809b9b3bb6efb8e30c54f79

          Download Submit

        • memory/4780-12-0x0000016861BE0000-0x0000016861BF0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4780-1-0x00007FFAA6D00000-0x00007FFAA77C1000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/4780-4-0x0000016861A10000-0x0000016861AA4000-memory.dmp

          Filesize

          592KB

          Download

        • memory/4780-5-0x0000016861EA0000-0x0000016861EF2000-memory.dmp

          Filesize

          328KB

          Download

        • memory/4780-6-0x00000168479C0000-0x00000168479DA000-memory.dmp

          Filesize

          104KB

          Download

        • memory/4780-7-0x0000016862030000-0x0000016862070000-memory.dmp

          Filesize

          256KB

          Download

        • memory/4780-10-0x0000016861BE0000-0x0000016861BF0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4780-11-0x0000016861BE0000-0x0000016861BF0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4780-0-0x0000016847340000-0x00000168475B4000-memory.dmp

          Filesize

          2.5MB

          Download

        • memory/4780-3-0x0000016861BF0000-0x0000016861E9C000-memory.dmp

          Filesize

          2.7MB

          Download

        • memory/4780-2-0x0000016861BE0000-0x0000016861BF0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4780-37-0x0000016862C20000-0x0000016862C36000-memory.dmp

          Filesize

          88KB

          Download

        • memory/4780-38-0x0000016865E00000-0x0000016865FC2000-memory.dmp

          Filesize

          1.8MB

          Download

        • memory/4780-39-0x0000016866500000-0x0000016866A28000-memory.dmp

          Filesize

          5.2MB

          Download

        • memory/4780-40-0x00007FFAA6D00000-0x00007FFAA77C1000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/4780-41-0x0000016861BE0000-0x0000016861BF0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4780-42-0x0000016861BE0000-0x0000016861BF0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4780-43-0x0000016861BE0000-0x0000016861BF0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4780-44-0x0000016861BE0000-0x0000016861BF0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4780-45-0x0000016861BE0000-0x0000016861BF0000-memory.dmp

          Filesize

          64KB

          Download