Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    10-06-2024 15:47

General

  • Target

    a9b071f6f264b93eed59ac986defe989fa6629489a3566baaf9e7195867667c6.exe

  • Size

    654KB

  • MD5

    ddb557bbc683c80ab107d1ca9789219f

  • SHA1

    4513139db746f8ee61d654a4ac8d3fb4b40f3962

  • SHA256

    a9b071f6f264b93eed59ac986defe989fa6629489a3566baaf9e7195867667c6

  • SHA512

    dd8574367b4f316e6d0c0d33e79e1b48281a8469c7008f87c07e4042f4b54c36ee2fc8568d0f4e45727400b0fb6dd5347a93258a4de63b39c9af947696b10cf7

  • SSDEEP

    12288:8kYlc+pFByStv9JRa//inz86NRo1qiRlUWC4kXzVC3:8Vc+pFB5z+//ufNRoZW

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a9b071f6f264b93eed59ac986defe989fa6629489a3566baaf9e7195867667c6.exe
    "C:\Users\Admin\AppData\Local\Temp\a9b071f6f264b93eed59ac986defe989fa6629489a3566baaf9e7195867667c6.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:2200

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2200-0-0x0000000030000000-0x00000000300A7000-memory.dmp

    Filesize

    668KB

  • memory/2200-1-0x0000000001C20000-0x0000000001C87000-memory.dmp

    Filesize

    412KB

  • memory/2200-6-0x0000000001C20000-0x0000000001C87000-memory.dmp

    Filesize

    412KB

  • memory/2200-11-0x0000000030000000-0x00000000300A7000-memory.dmp

    Filesize

    668KB