Analysis
max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags
arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system
submitted
06-06-2024 01:33
Static task
static1
Behavioral task
behavioral1
Sample
6eb3b2125a126862766307070afbd35b012850563523bdda2ce3cfe952af6fdb.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6eb3b2125a126862766307070afbd35b012850563523bdda2ce3cfe952af6fdb.exe
Resource
win10v2004-20240426-en
General
Target
6eb3b2125a126862766307070afbd35b012850563523bdda2ce3cfe952af6fdb.exe
Size
14.0MB
MD5
601cedc4e5ec2d83b8df1f2a9834528e
SHA1
f5e3b1a522bc4f705c87aa853384e53b7378de05
SHA256
6eb3b2125a126862766307070afbd35b012850563523bdda2ce3cfe952af6fdb
SHA512
045757ccbc0c8f367c600ed94eff932cf753b5a793f274e681a31eb2f2b13b27ea8c1031841e319f0447ccdcf296e8ee77065050425fd85a380a90dea54b1101
SSDEEP
98304:Rhcqnt8zi8o5jX24Y/fmLaZv7x4iPdL0zKcKv9QZIaGSNLQKlgzmRXkWe:RHntxX24Y/Vd131LIbZIpSLQKiik
Malware Config
Signatures
Loads dropped DLL 2 IoCs
pid   Process
1632  6eb3b2125a126862766307070afbd35b012850563523bdda2ce3cfe952af6fdb.exe
1632  6eb3b2125a126862766307070afbd35b012850563523bdda2ce3cfe952af6fdb.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs
description              pid   Process
Token: SeDebugPrivilege  1632  6eb3b2125a126862766307070afbd35b012850563523bdda2ce3cfe952af6fdb.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
Filesize
4.8MB
MD5
ffdcf232d0bb2fff78721fb347641a76
SHA1
54c76a2fa61e6df1ae4c9df65435a38482c2cb71
SHA256
ff42bca704605e187abb45523868b15128d6af1c28ad40a4579d507d34a953b2
SHA512
89df103556cfbd955283bee551576134f9a7b0d121e12cf6df4e9f4028075b2c4ff9d22886cfd21b10d0a0d6e640db784b74d42ebac4a45ccb9ce9c725a1fdf1