d5f8eb0edebe70c35afa41a543c33a13476a69b34179e5b136aed4e748783ae6

Analysis

max time kernel
30s
max time network
31s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
03-06-2024 02:52

Target

Carloader.exe
Size

1024KB
MD5

4f6b39da75b1652be712f089cff73064
SHA1

f03472c24382b5d13bacfd02f103c6cdd7e8f695
SHA256

d5f8eb0edebe70c35afa41a543c33a13476a69b34179e5b136aed4e748783ae6
SHA512

f8b2821855611288dc095f82ef9a96464101822326640fabb63c5179d0ec35abb7eba561291e4d386b55be0cc2edd7f5504697cdbeda32508480a46a71823db8
SSDEEP

12288:/B0upmUU2fP/gtKupmUU6w6upmUU5mCgtEBpmUbS:/4UUUHXUUdMUUgCmUbS

Score

4^/10

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\onetapv0.2.dll	Carloader.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1516	Carloader.exe

memory/1516-0-0x0000000074B6E000-0x0000000074B6F000-memory.dmp

Filesize
4KB

Download
memory/1516-1-0x00000000004C0000-0x00000000005C6000-memory.dmp

Filesize
1.0MB

Download
memory/1516-2-0x00000000054C0000-0x0000000005A64000-memory.dmp

Filesize
5.6MB

Download
memory/1516-3-0x0000000004FF0000-0x0000000005082000-memory.dmp

Filesize
584KB

Download
memory/1516-4-0x0000000004FD0000-0x0000000004FDA000-memory.dmp

Filesize
40KB

Download
memory/1516-5-0x0000000074B60000-0x0000000075310000-memory.dmp

Filesize
7.7MB

Download
memory/1516-6-0x0000000074B60000-0x0000000075310000-memory.dmp

Filesize
7.7MB

Download
memory/1516-7-0x0000000074B6E000-0x0000000074B6F000-memory.dmp

Filesize
4KB

Download
memory/1516-8-0x0000000074B60000-0x0000000075310000-memory.dmp

Filesize
7.7MB

Download
memory/1516-10-0x0000000074B60000-0x0000000075310000-memory.dmp

Filesize
7.7MB

Download