Overview

overview

10

Static

static

10

ClientHide.exe

windows7-x64

1

ClientHide.exe

windows10-2004-x64

1

ClientIL.exe

windows7-x64

1

ClientIL.exe

windows10-2004-x64

1

ClientObf.exe

windows7-x64

1

ClientObf.exe

windows10-2004-x64

1

ClientPress.exe

windows7-x64

1

ClientPress.exe

windows10-2004-x64

1

ClientPubType.exe

windows7-x64

1

ClientPubType.exe

windows10-2004-x64

1

ClientRandName.exe

windows7-x64

1

ClientRandName.exe

windows10-2004-x64

1

ClientString.exe

windows7-x64

1

ClientString.exe

windows10-2004-x64

1

ClientTamp.exe

windows7-x64

1

ClientTamp.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/06/2024, 22:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ClientRandName.exe

  • Size

    16KB

  • MD5

    ee074591c120441a83cf4b5264a8f5a3

  • SHA1

    db49dcba75132b7d5a30d6b36b438f1f2afdf73f

  • SHA256

    a1386e5761069eb672511216ae6069ce1c65c6a29b338ae78c863a11b5425748

  • SHA512

    f18c119529b794410e95f14fdbc84f07894b5b4b21a60f20909a31d6227e3eafeede3db9d1b63716f77d9e480f5a235afdfd662e21097bd7f221b984473cb393

  • SSDEEP

    384:a/5gtLhlVD/Ng0j9muhNculb5sSZVcyO5Ct:a/5gphlVh9wuhNfdko

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ClientRandName.exe
    "C:\Users\Admin\AppData\Local\Temp\ClientRandName.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4484-0-0x00007FFD7D9C5000-0x00007FFD7D9C6000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4484-2-0x000000001B8A0000-0x000000001BD6E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/4484-1-0x00007FFD7D710000-0x00007FFD7E0B1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/4484-3-0x000000001BE20000-0x000000001BEC6000-memory.dmp

    Filesize

    664KB

    Download

  • memory/4484-4-0x000000001BFF0000-0x000000001C052000-memory.dmp

    Filesize

    392KB

    Download

  • memory/4484-5-0x00007FFD7D710000-0x00007FFD7E0B1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/4484-6-0x00007FFD7D9C5000-0x00007FFD7D9C6000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4484-7-0x00007FFD7D710000-0x00007FFD7E0B1000-memory.dmp

    Filesize

    9.6MB

    Download