Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    18/05/2024, 12:11

General

  • Target

    eee_payload.exe

  • Size

    261KB

  • MD5

    ee73e48395918fc324d655c14482effd

  • SHA1

    d177209785824724c4786c14995d1726b16f76ca

  • SHA256

    d4dfb7228adfd937f59d1e4cd050cdfe3e24e18dbe24eda9b2c01ea51c664ff4

  • SHA512

    56d10c4003bc51dc9daaa1c2610e20af14c9059ede6bd5394f22833adbeef25b5cb55fbb4cc0735d644375f01de779442066e257b77709e93eec6af92a231002

  • SSDEEP

    6144:MDKW1Lgbdl0TBBvjc/28EfxpAG9FuEIB61Q:ah1Lk70TnvjcO8gxjFuEIB6m

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\eee_payload.exe
    "C:\Users\Admin\AppData\Local\Temp\eee_payload.exe"
    PID: 2132
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • memory/2132-0-0x000000007443E000-0x000000007443F000-memory.dmp (Filesize 4KB)
        • memory/2132-1-0x0000000002030000-0x0000000002084000-memory.dmp (Filesize 336KB)
        • memory/2132-2-0x0000000002080000-0x00000000020D2000-memory.dmp (Filesize 328KB)
        • memory/2132-3-0x0000000074430000-0x0000000074B1E000-memory.dmp (Filesize 6.9MB)
        • memory/2132-4-0x0000000074430000-0x0000000074B1E000-memory.dmp (Filesize 6.9MB)
        • memory/2132-5-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-6-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-8-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-12-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-34-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-56-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-10-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-68-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-66-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-64-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-62-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-60-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-58-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-54-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-52-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-50-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-48-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-46-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-44-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-42-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-40-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-38-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-36-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-32-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-30-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-28-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-26-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-24-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-22-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-20-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-18-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-16-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-14-0x0000000002080000-0x00000000020CD000-memory.dmp (Filesize 308KB)
        • memory/2132-1035-0x0000000074430000-0x0000000074B1E000-memory.dmp (Filesize 6.9MB)
        • memory/2132-1036-0x000000007443E000-0x000000007443F000-memory.dmp (Filesize 4KB)
        • memory/2132-1037-0x0000000074430000-0x0000000074B1E000-memory.dmp (Filesize 6.9MB)
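The dump names above follow a fixed convention, memory/<pid>-<dump index>-0x<start>-0x<end>-memory.dmp, and the listed Filesize is just end minus start rounded the way the sandbox displays it. Before carving anything out of this list it pays to parse the names, confirm each listed size actually matches its address range (a mangled name shows up as a mismatch), collapse the many re-dumps of the same range into one region, and see which ranges overlap so the same pages are not carved twice. The script below is an added example written for this page, not part of the sandbox report or of any vendor tooling; it runs over a subset of the entries copied from the report (the 0x02080000-0x020CD000 range appears 33 times in the full list, two of those entries stand in for it here), and the rounding rule in size_label is inferred from the sizes shown on this page.

```python
import re
from collections import defaultdict

# Sandbox dump names: memory/<pid>-<dump index>-0x<start>-0x<end>-memory.dmp
DUMP_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<idx>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)

# Subset of the dump names and sizes copied from the report above (the 0x02080000-0x020CD000
# range is dumped many more times in the full list; two of those entries stand in for it here).
REPORT_DUMPS = [
    ("memory/2132-0-0x000000007443E000-0x000000007443F000-memory.dmp", "4KB"),
    ("memory/2132-1-0x0000000002030000-0x0000000002084000-memory.dmp", "336KB"),
    ("memory/2132-2-0x0000000002080000-0x00000000020D2000-memory.dmp", "328KB"),
    ("memory/2132-3-0x0000000074430000-0x0000000074B1E000-memory.dmp", "6.9MB"),
    ("memory/2132-5-0x0000000002080000-0x00000000020CD000-memory.dmp", "308KB"),
    ("memory/2132-68-0x0000000002080000-0x00000000020CD000-memory.dmp", "308KB"),
    ("memory/2132-1037-0x0000000074430000-0x0000000074B1E000-memory.dmp", "6.9MB"),
]


def parse_dump_name(name):
    """Split a dump file name into pid, dump index, start/end address and byte length."""
    m = DUMP_RE.match(name)
    if not m:
        raise ValueError(f"not a sandbox memory dump name: {name!r}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start or start % 0x1000 or end % 0x1000:
        # Dumps cover whole pages; anything else means the name was mangled somewhere.
        raise ValueError(f"bad or unaligned range in {name!r}")
    return {"pid": int(m["pid"]), "idx": int(m["idx"]), "start": start, "end": end, "size": end - start}


def size_label(nbytes):
    """Reproduce the report's size rounding (assumed from this page): whole KiB below 1 MiB, one decimal MiB above."""
    if nbytes < 1 << 20:
        return f"{nbytes // 1024}KB"
    return f"{nbytes / (1 << 20):.1f}MB"


def verify_report(entries):
    """Return (name, reported, computed) triples whose address range disagrees with the listed size."""
    bad = []
    for name, reported in entries:
        computed = size_label(parse_dump_name(name)["size"])
        if computed != reported:
            bad.append((name, reported, computed))
    return bad


def group_regions(names):
    """Collapse dumps that cover the same (pid, start, end) range; most-often-dumped region first."""
    by_range = defaultdict(list)
    for n in names:
        d = parse_dump_name(n)
        by_range[(d["pid"], d["start"], d["end"])].append(d["idx"])
    regions = [
        {"pid": pid, "start": s, "end": e, "size": e - s, "pages": (e - s) // 0x1000, "dumps": sorted(idxs)}
        for (pid, s, e), idxs in by_range.items()
    ]
    # The range the sandbox kept re-dumping is the one whose contents kept changing at runtime;
    # it is the first place to look for a decrypted or unpacked payload.
    regions.sort(key=lambda r: (-len(r["dumps"]), r["start"]))
    return regions


def latest_dump(region):
    """Highest dump index for a region: the snapshot taken last, usually the most complete rewrite."""
    return region["dumps"][-1]


def overlapping_regions(regions):
    """Pairs of distinct ranges in the same process that share pages, so nothing is carved twice."""
    pairs = []
    for i, a in enumerate(regions):
        for b in regions[i + 1:]:
            if a["pid"] == b["pid"] and a["start"] < b["end"] and b["start"] < a["end"]:
                pairs.append((a, b))
    return pairs


if __name__ == "__main__":
    print("size mismatches:", verify_report(REPORT_DUMPS))
    for r in group_regions([n for n, _ in REPORT_DUMPS]):
        print(f"pid {r['pid']} {r['start']:#010x}-{r['end']:#010x} {size_label(r['size']):>6} "
              f"{r['pages']:4d} pages, dumped {len(r['dumps'])}x, latest #{latest_dump(r)}")
```

On the full list from this report the output puts 0x02080000-0x020CD000 first (dumped 33 times, latest index 68), flags that it overlaps both 0x02030000-0x02084000 and 0x02080000-0x020D2000, and shows the single page at 0x7443E000 sitting inside the 6.9MB 0x74430000-0x74B1E000 range; the later dump of a re-dumped range is the one to carve, and the overlapping earlier ranges need no separate pass.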