Analysis

  • max time kernel
    6s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win11-20240508-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    12-05-2024 13:12

General

  • Target

    hotpanties.exe

  • Size

    427.2MB

  • MD5

    ca4beaa13f3c7374bf3f5216e633bb58

  • SHA1

    e8d2c26a2fbfa60d31339afeef33bce5b13c0e0c

  • SHA256

    0f87fe7698071c6926c123efc0c4b3ce16886c120cd19c35e638a817e1e9b29b

  • SHA512

    fca68448708d2f2f5f463966585ac855c8c6165f5d96dd35292c62cd068448e447d0a0fd9a6c6d84ba1f1a07827f48c106af5cc204bc8a56f283f0e6682e9d30

  • SSDEEP

    6291456:0rdrzpPVk5x4yZ5CQkRUA0WnFl7FJ+ll0CcbpWo2c0WfesQWdvWL3w1Li4b:05Vs2yyZR8oFJ20Ccdac0W9QWNWLUX

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Users\Admin\AppData\Local\Temp\hotpanties.exe
    "C:\Users\Admin\AppData\Local\Temp\hotpanties.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4012

Network

MITRE ATT&CK Enterprise v15
