68872e2049f84d68a9e01367f635b54e9277eecadac34b5b119464d15102e0ba | Triage

Analysis

max time kernel
18s
max time network
19s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
28/05/2024, 04:24

Sharing

Report Analysis Logs

General

Target

Dark Signature.exe
Size

2.6MB
MD5

518c99fb0284fd61d5c31c756c1abbfe
SHA1

95d8bb76c6a0f5e71a529be4567fda9e207a8860
SHA256

68872e2049f84d68a9e01367f635b54e9277eecadac34b5b119464d15102e0ba
SHA512

107447cd57b8362997b627429e3f92a087122b2c7e77158e90b63ab15b78a17a1b35caa4bec2efed95412522ea06396e89579c9e36286945529e0f157460b305
SSDEEP

49152:WQO722eBDyrmZJmYBtN5kyFBKtLGPH1SfOgY9Zl8e2kgUF7N1R:VtDyrmZJmG75JFBKIR

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
4912	Dark Signature.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4912	Dark Signature.exe

C:\Users\Admin\AppData\Local\Temp\Dark Signature.exe
"C:\Users\Admin\AppData\Local\Temp\Dark Signature.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:4912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads