Overview

overview

10

Static

static

10

a1b6543b06...64.exe

windows7-x64

1

a1b6543b06...64.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/04/2024, 16:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    a1b6543b06333e8b8b6a90122c36e069d369a0742f5203e17c4c45fe5353e764.exe

  • Size

    32KB

  • MD5

    d20a2f488e6b5c20cd8ada381358ce55

  • SHA1

    5cced3a6cb0f9938bcfa6fc60e10a926f06c274a

  • SHA256

    a1b6543b06333e8b8b6a90122c36e069d369a0742f5203e17c4c45fe5353e764

  • SHA512

    d7a6ebbcf80fe19fa051772bd2555296104dd64f0033b107d1b5f7e64e4e1d7af4d08a665e62351152e70905c49869fbaf1f9ebcb72e4590252ac1f172d2b407

  • SSDEEP

    384:V0bUe5XB4e0XWOhaixBr/QHWTUtTUFQqzFxObbs:2T9BuFMifrYrHbs

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 37 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a1b6543b06333e8b8b6a90122c36e069d369a0742f5203e17c4c45fe5353e764.exe
    "C:\Users\Admin\AppData\Local\Temp\a1b6543b06333e8b8b6a90122c36e069d369a0742f5203e17c4c45fe5353e764.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:620

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/620-0-0x00000000754C0000-0x0000000075A71000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/620-1-0x0000000000E80000-0x0000000000E90000-memory.dmp

          Filesize

          64KB

          Download

        • memory/620-2-0x00000000754C0000-0x0000000075A71000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/620-3-0x00000000754C0000-0x0000000075A71000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/620-4-0x0000000000E80000-0x0000000000E90000-memory.dmp

          Filesize

          64KB

          Download

        • memory/620-5-0x00000000754C0000-0x0000000075A71000-memory.dmp

          Filesize

          5.7MB

          Download