Overview

overview

3

Static

static

3

Pliego+T�...y+.exe

windows7-x64

3

Pliego+T�...y+.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    23-05-2024 01:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Pliego+Tcnico+-+Desmontaje+de+puerta+y+.exe

  • Size

    722KB

  • MD5

    b4d30842f7791c314b5793b467e2e40c

  • SHA1

    4fd12e0aa4c9843ff3b42aaf3c2efccb94d76124

  • SHA256

    8048e53dd3e484c96e5f586ab9e4152a173364144ad9a50baa050222f61d3a9e

  • SHA512

    3a3ff969fafcc390654e02ef1bb37687dd797fdcb96a9574e5d1e5166b548b75569bcbc2ef4fb78d784c1b0dd987c2e79988e17bc09d636952143dc047444c4e

  • SSDEEP

    12288:+jv732EXsNCjClPiCrybSHcPw+DN53qPIfm6JIqQXElHnsKptYP9ciE8b7PXVj:qb2w6la4fAiPI+6CElHntfYPaiE8b7tj

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 9 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Pliego+Tcnico+-+Desmontaje+de+puerta+y+.exe
    "C:\Users\Admin\AppData\Local\Temp\Pliego+Tcnico+-+Desmontaje+de+puerta+y+.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2136
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2136 -s 728
      2⤵
      • Program crash
      PID:2404

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2136-0-0x00000000742AE000-0x00000000742AF000-memory.dmp
    Filesize

    4KB

    Download
  • memory/2136-1-0x0000000000900000-0x00000000009BA000-memory.dmp
    Filesize

    744KB

    Download
  • memory/2136-2-0x00000000742A0000-0x000000007498E000-memory.dmp
    Filesize

    6.9MB

    Download
  • memory/2136-3-0x0000000005900000-0x00000000059BA000-memory.dmp
    Filesize

    744KB

    Download
  • memory/2136-4-0x00000000004C0000-0x00000000004E2000-memory.dmp
    Filesize

    136KB

    Download
  • memory/2136-5-0x00000000004A0000-0x00000000004AC000-memory.dmp
    Filesize

    48KB

    Download
  • memory/2136-6-0x00000000005E0000-0x00000000005F0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2136-7-0x000000000D180000-0x000000000D204000-memory.dmp
    Filesize

    528KB

    Download
  • memory/2136-8-0x00000000742AE000-0x00000000742AF000-memory.dmp
    Filesize

    4KB

    Download
  • memory/2136-9-0x00000000742A0000-0x000000007498E000-memory.dmp
    Filesize

    6.9MB

    Download