Resubmissions

05-09-2023 01:34

230905-by5lrsch46 10

Analysis

  • max time kernel
    134s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    24-05-2024 01:20

General

  • Target

    e1051e77a093d4fd5c81b43914bff83dce8662374f1c7e4b3a082ce2094870c0.exe

  • Size

    79KB

  • MD5

    d4cd720a666d79b2ab49106c8a9f36f6

  • SHA1

    9098478ffab34d0d9e334dce3cd1769b86be166b

  • SHA256

    e1051e77a093d4fd5c81b43914bff83dce8662374f1c7e4b3a082ce2094870c0

  • SHA512

    586ef5a136c0d1ab918af6745ad8ab2c922fddff4748a495c5e183c9dae608d0cf3dd7c642b8212e63cdc003f93f64f9b3b19c5250468e699e5c07d1c6f84f61

  • SSDEEP

    768:vljP1pmjALZy6prdO7K+tJpN201s9jmHt8N5zg7de8Aaiqk329ZvUDJK9BHXYpoz:vsuHQelfUAauuVU0TKoLOIrdppmdQ

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e1051e77a093d4fd5c81b43914bff83dce8662374f1c7e4b3a082ce2094870c0.exe
    "C:\Users\Admin\AppData\Local\Temp\e1051e77a093d4fd5c81b43914bff83dce8662374f1c7e4b3a082ce2094870c0.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4368

Network

MITRE ATT&CK Matrix

Downloads

  • memory/4368-0-0x000000007461E000-0x000000007461F000-memory.dmp
    Filesize

    4KB

  • memory/4368-1-0x0000000000A80000-0x0000000000A9A000-memory.dmp
    Filesize

    104KB

  • memory/4368-2-0x0000000074610000-0x0000000074DC0000-memory.dmp
    Filesize

    7.7MB

  • memory/4368-3-0x000000007461E000-0x000000007461F000-memory.dmp
    Filesize

    4KB

  • memory/4368-4-0x0000000074610000-0x0000000074DC0000-memory.dmp
    Filesize

    7.7MB