Overview

overview

8

Static

static

7

Release/Bu...re.dll

windows10-2004-x64

8

Release/Bu....3.dll

windows10-2004-x64

1

Release/Di...PC.dll

windows10-2004-x64

1

Release/Loader.exe

windows10-2004-x64

1

Release/Si...UI.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    95s
  • max time network
    114s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/04/2024, 12:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Release/Loader.exe

  • Size

    2.0MB

  • MD5

    6b39e8ac3dc84b7364e941897a0aea33

  • SHA1

    f5bb05c5edb1e2309318646cb566cc2f7dcca9b0

  • SHA256

    1142fce9c3308f4937ed1b3e84a603619c1ca6eeeee3310aa2304c4f54e61d24

  • SHA512

    bc13e28c7ffbd710eb570f9cbefab569891d96ca38c79ebb9e0e340d2deecbde51085045be8eb03289c8c916fa012983fe3fe11823564cbcee7d90d782ca9576

  • SSDEEP

    49152:k3p373Vy68bIO5YbCsKm8uVxHTt+n/CknSDwAOU3:k3p373c68lY2mzEn/He3

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Release\Loader.exe
    "C:\Users\Admin\AppData\Local\Temp\Release\Loader.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4988-1-0x0000000074B40000-0x00000000752F0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4988-0-0x00000000000E0000-0x00000000002F0000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/4988-2-0x0000000005340000-0x00000000058E4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4988-3-0x0000000004CC0000-0x0000000004D52000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4988-4-0x0000000004C80000-0x0000000004C90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4988-5-0x0000000004E80000-0x0000000004E8A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4988-6-0x0000000005090000-0x00000000051DE000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/4988-7-0x0000000004D70000-0x0000000004D84000-memory.dmp

    Filesize

    80KB

    Download

  • memory/4988-8-0x0000000005AC0000-0x0000000005B18000-memory.dmp

    Filesize

    352KB

    Download

  • memory/4988-9-0x00000000068A0000-0x000000000693C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/4988-10-0x0000000004C80000-0x0000000004C90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4988-11-0x0000000007230000-0x0000000007242000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4988-13-0x0000000074B40000-0x00000000752F0000-memory.dmp

    Filesize

    7.7MB

    Download