Overview

overview

10

Static

static

3

Pago_trans...ia.exe

windows7-x64

5

Pago_trans...ia.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    31-05-2024 07:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Pago_transferencia.exe

  • Size

    242KB

  • MD5

    5910e4d900fcda28e32e7f7bf7d24487

  • SHA1

    60f61f3719fe959563de46b53c2547a39235a090

  • SHA256

    ffca962687d50ad9f158e62a6c042efe67fbb9bdad9799ccd60762c03466d13c

  • SHA512

    fb71156f713496b96b6e939048c581012d863cad54e5f9404d2d7717962c3d53ff185fb4e2d303bb9b3dcda3e5926e2955fe7f7f36fd3d5afb305449c20b41e1

  • SSDEEP

    6144:vDW47RVrcLlgIV4631u+b4R+vUYmGiL2UU3rq+NdI:vDj77cLlgq319bgX/L2UU3rq+NG

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 27 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Pago_transferencia.exe
    "C:\Users\Admin\AppData\Local\Temp\Pago_transferencia.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2452
    • C:\Users\Admin\AppData\Local\Temp\Pago_transferencia.exe
      C:\Users\Admin\AppData\Local\Temp\Pago_transferencia.exe
      2⤵
        PID:1252
      • C:\Users\Admin\AppData\Local\Temp\Pago_transferencia.exe
        C:\Users\Admin\AppData\Local\Temp\Pago_transferencia.exe
        2⤵
          PID:2656
        • C:\Users\Admin\AppData\Local\Temp\Pago_transferencia.exe
          C:\Users\Admin\AppData\Local\Temp\Pago_transferencia.exe
          2⤵
            PID:2796

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2452-0-0x0000000074E4E000-0x0000000074E4F000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2452-1-0x0000000000240000-0x0000000000286000-memory.dmp

          Filesize

          280KB

          Download

        • memory/2452-2-0x00000000002A0000-0x00000000002A6000-memory.dmp

          Filesize

          24KB

          Download

        • memory/2452-3-0x0000000074E40000-0x000000007552E000-memory.dmp

          Filesize

          6.9MB

          Download

        • memory/2452-4-0x0000000000880000-0x00000000008C0000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2452-5-0x0000000000770000-0x0000000000776000-memory.dmp

          Filesize

          24KB

          Download

        • memory/2452-9-0x0000000074E40000-0x000000007552E000-memory.dmp

          Filesize

          6.9MB

          Download