Overview

overview

7

Static

static

7

2b7d8380db...11.exe

windows7-x64

1

2b7d8380db...11.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 03:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2b7d8380db105e7af3514a3e781d5f0021ff63c2dd9e76131d792b7c0cca1911.exe

  • Size

    1.4MB

  • MD5

    0379af035e015bfca44756af69a6db0e

  • SHA1

    ba8d4d267085b3beb846ce09ccb7e03ba48b56ff

  • SHA256

    2b7d8380db105e7af3514a3e781d5f0021ff63c2dd9e76131d792b7c0cca1911

  • SHA512

    8f4f88f01fa386523b115e6e8271741246ca73b482bc6b0c8f1fdf5adad2007c3f2d4dba5f1273c21b1a2f6e868433248fd2e6ce5938a13412e97752b2339bf0

  • SSDEEP

    24576:jIGrGmayqYSyTgZlLk2QPSHBIcP3bprWvuMg1N4lB:diyqHykZlYeBVfb2wNy

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2b7d8380db105e7af3514a3e781d5f0021ff63c2dd9e76131d792b7c0cca1911.exe
    "C:\Users\Admin\AppData\Local\Temp\2b7d8380db105e7af3514a3e781d5f0021ff63c2dd9e76131d792b7c0cca1911.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3168
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x500 0x498
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3168-0-0x0000000000400000-0x0000000001019000-memory.dmp

    Filesize

    12.1MB

    Download

  • memory/3168-1-0x0000000000400000-0x0000000001019000-memory.dmp

    Filesize

    12.1MB

    Download

  • memory/3168-3-0x0000000000400000-0x0000000001019000-memory.dmp

    Filesize

    12.1MB

    Download