Analysis
-
max time kernel
139s -
max time network
129s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
22-05-2024 03:43
General
-
Target
97c55ae16649c8e7d0b57eef805f4f4573ca94bb979b66f84c64a1db807f1761.exe
-
Size
684KB
-
MD5
9e41210599ed6a2a7e2576bfa1e7229c
-
SHA1
1e82036688db05107cc86aae80c9dd6fd4b53a7a
-
SHA256
97c55ae16649c8e7d0b57eef805f4f4573ca94bb979b66f84c64a1db807f1761
-
SHA512
761a02f1433a47fc9f6ad20dfe993a580543d4da855847c78e586ad9eb55fee4d35c1fad33bb277fce1db9f732e0a6629b906da625316a4445bb5ae6f195d401
-
SSDEEP
12288:3YTj579bOnYrHzP9W4GWBL6kYN++iPW9yIRvw2MS1eElMVrr:Ix9MYrHzwK6kYDiPi+S1/g
Score
5/10
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\97c55ae16649c8e7d0b57eef805f4f4573ca94bb979b66f84c64a1db807f1761.exe"C:\Users\Admin\AppData\Local\Temp\97c55ae16649c8e7d0b57eef805f4f4573ca94bb979b66f84c64a1db807f1761.exe"1⤵
- Drops file in System32 directory
- Suspicious use of AdjustPrivilegeToken
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=1304,i,18168883380598738769,14202261231630113808,262144 --variations-seed-version --mojo-platform-channel-handle=4240 /prefetch:81⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2760-0-0x0000000140000000-0x00000001400AF000-memory.dmpFilesize
700KB
-
memory/2760-1-0x0000000001F40000-0x0000000001FA0000-memory.dmpFilesize
384KB
-
memory/2760-9-0x0000000001F40000-0x0000000001FA0000-memory.dmpFilesize
384KB
-
memory/2760-11-0x0000000001F40000-0x0000000001FA0000-memory.dmpFilesize
384KB
-
memory/2760-13-0x0000000140000000-0x00000001400AF000-memory.dmpFilesize
700KB