Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-04-2024 21:00

General

  • Target

    39723c73874a50ad36716ffd7f24f0b438a09a4e19e3192fbd9e3c608d5fa4fe.exe

  • Size

    2.8MB

  • MD5

    78df0bced818946572b183cb901e1a20

  • SHA1

    6a5d3ae6a7a0d6d615566ad0161534ec029f29ce

  • SHA256

    39723c73874a50ad36716ffd7f24f0b438a09a4e19e3192fbd9e3c608d5fa4fe

  • SHA512

    c3f2a7880875398f4d8153403de8e3bf2b73e460bac7ea7d6759b0f5541c0fdf82c2419fc4ae2f0c726da4cee9f3c26c047fc46bda6fa133588d29c31c33a8f6

  • SSDEEP

    49152:+0tT8S6vv1aPn/OtD0Xi7Xf5VvZk05MkKUHx4/OKiUiBCr:+0tQNuKDYi7PXx7RxKLiEr

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\39723c73874a50ad36716ffd7f24f0b438a09a4e19e3192fbd9e3c608d5fa4fe.exe
    "C:\Users\Admin\AppData\Local\Temp\39723c73874a50ad36716ffd7f24f0b438a09a4e19e3192fbd9e3c608d5fa4fe.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2508

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\Local\Temp\~f76975f\res\3.png

    Filesize

    367B

    MD5

    0280674ecaf1b19dd5940aee2bbff1b1

    SHA1

    b7f9439259705a0a781e7a564c7e34a89d0f959b

    SHA256

    51c7309a133e143e420b57aa3e035478cf10a2ea6daebed971a35377e0e5c3a8

    SHA512

    c43363cdccf3f96a35f476f17606318e5ffb3513b52d91249f1545b317a4376e58984161660b2371ed6bf5b79be63b443161a60c38ecb4db757d8df67c472ff0

  • memory/2508-60-0x00000000002A0000-0x00000000002A1000-memory.dmp

    Filesize

    4KB