Overview

overview

7

Static

static

3

33b40a5546...b7.exe

windows7-x64

1

33b40a5546...b7.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-04-2024 12:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    33b40a554645ef505ae65fdeb4bdb431ca81bfee61ab53f56ae5d66a7d41a2b7.exe

  • Size

    716KB

  • MD5

    d4487a53e4cbfa3a9eb288ca6ca951ba

  • SHA1

    ca227a40c24e8860858262db4bf5f17a633b56ca

  • SHA256

    33b40a554645ef505ae65fdeb4bdb431ca81bfee61ab53f56ae5d66a7d41a2b7

  • SHA512

    7cf0b5f831241d1b92b4f47222ca8f85eaefbc724b61bee37deb10a8011bc62d0f81ab9dc071bfe42becfb71110460834369dafe2d863ab0ace838932c94496e

  • SSDEEP

    12288:+3P/aK2vB+UTduSZpUdxB30GHrVxGnXQSaWt+DNISOgv3isiyWcc:+/CKABZTduSZpUR0GHrVQ1aW4mSOgv3q

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\33b40a554645ef505ae65fdeb4bdb431ca81bfee61ab53f56ae5d66a7d41a2b7.exe
    "C:\Users\Admin\AppData\Local\Temp\33b40a554645ef505ae65fdeb4bdb431ca81bfee61ab53f56ae5d66a7d41a2b7.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:3276
  • C:\Windows\System32\alg.exe
    C:\Windows\System32\alg.exe
    1⤵
    • Executes dropped EXE
    PID:1588

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\System32\alg.exe
    Filesize

    661KB

    MD5

    aa048114f9a607a20a9b1bc27a075d4f

    SHA1

    0017401dc73b2b2304e18cf4b696d5f491bee502

    SHA256

    287da1dcddf99945017dec13d337a814341c9e771d757793596fffb5dcffda1d

    SHA512

    63e5da1c09826724565d75dc0cbcd93cc04a4039de12634fd41cb938416bd5359d9102f4de7cf00ea35c01f04969c43137457966f16fd4db5707b86bf033b515

    Download Submit

  • memory/1588-14-0x0000000140000000-0x00000001400AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1588-16-0x0000000140000000-0x00000001400AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/3276-0-0x0000000000400000-0x00000000004B8000-memory.dmp

    Filesize

    736KB

    Download

  • memory/3276-1-0x0000000000670000-0x00000000006D7000-memory.dmp

    Filesize

    412KB

    Download

  • memory/3276-7-0x0000000000670000-0x00000000006D7000-memory.dmp

    Filesize

    412KB

    Download

  • memory/3276-6-0x0000000000670000-0x00000000006D7000-memory.dmp

    Filesize

    412KB

    Download

  • memory/3276-15-0x0000000000400000-0x00000000004B8000-memory.dmp

    Filesize

    736KB

    Download