Overview

overview

10

Static

static

10

ClientHide.exe

windows7-x64

1

ClientHide.exe

windows10-2004-x64

1

ClientIL.exe

windows7-x64

1

ClientIL.exe

windows10-2004-x64

1

ClientObf.exe

windows7-x64

1

ClientObf.exe

windows10-2004-x64

1

ClientPress.exe

windows7-x64

1

ClientPress.exe

windows10-2004-x64

1

ClientPubType.exe

windows7-x64

1

ClientPubType.exe

windows10-2004-x64

1

ClientRandName.exe

windows7-x64

1

ClientRandName.exe

windows10-2004-x64

1

ClientString.exe

windows7-x64

1

ClientString.exe

windows10-2004-x64

1

ClientTamp.exe

windows7-x64

1

ClientTamp.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    11/06/2024, 22:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ClientIL.exe

  • Size

    51KB

  • MD5

    3f9191fa1b76f6472761471c985c4742

  • SHA1

    63d992020f3d619e650d62dc6b2f63230cac287f

  • SHA256

    616c1e73617a8da587216cf8f2138455f97d6d85009d5c436e8d78085cf09832

  • SHA512

    737a905b837c60ea94344e2c49ec50e7d517e3188fdfe92c9a3e568a4b70331d1aa7a5e14b3e22ead81600e270c36001f6eba26cd46ed314a794a0aafb787cb6

  • SSDEEP

    1536:gA+lg859qpc20Gg+SnXo0sYTfc9nyc/Pn2S:gAPcIW4dI0yc/P2S

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ClientIL.exe
    "C:\Users\Admin\AppData\Local\Temp\ClientIL.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2176

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2176-0-0x0000000074641000-0x0000000074642000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2176-1-0x0000000074640000-0x0000000074BEB000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/2176-2-0x0000000074640000-0x0000000074BEB000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/2176-3-0x0000000074640000-0x0000000074BEB000-memory.dmp

    Filesize

    5.7MB

    Download