Analysis

  • max time kernel
    147s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12-06-2024 01:46

General

  • Target

    1b836888dacc8feeddae02ee6b7451b13450c8b01df32a9cbb3401d6549f0006.exe

  • Size

    693KB

  • MD5

    5b289698231b48cb0762ff5ad0dc0b39

  • SHA1

    8061af867135a6b7aa2620dbeba27f470c871d61

  • SHA256

    1b836888dacc8feeddae02ee6b7451b13450c8b01df32a9cbb3401d6549f0006

  • SHA512

    bbca22a2114e9efb923e8f32480b7b532adfa14398f61e15ff888c4b572858b64d6614ae3c91b7582a5da8da9078bfcef347cb84cfae60e728201524b862a0fd

  • SSDEEP

    12288:0W/RA5STkep6Mlqnl3LkcBDVXFamBD/UFHn0JkrBSxF6w7RTIYCNp:0Mm5SH6MIl3LkGDhsmD/U0yO7xItNp

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1b836888dacc8feeddae02ee6b7451b13450c8b01df32a9cbb3401d6549f0006.exe
    "C:\Users\Admin\AppData\Local\Temp\1b836888dacc8feeddae02ee6b7451b13450c8b01df32a9cbb3401d6549f0006.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:4884

Network

MITRE ATT&CK Matrix

Downloads

  • memory/4884-0-0x00000000750EE000-0x00000000750EF000-memory.dmp

    Filesize

    4KB

  • memory/4884-1-0x00000000008F0000-0x00000000009A4000-memory.dmp

    Filesize

    720KB

  • memory/4884-2-0x00000000057E0000-0x0000000005D84000-memory.dmp

    Filesize

    5.6MB

  • memory/4884-3-0x00000000050D0000-0x0000000005162000-memory.dmp

    Filesize

    584KB

  • memory/4884-4-0x0000000005230000-0x00000000052CC000-memory.dmp

    Filesize

    624KB

  • memory/4884-5-0x00000000750E0000-0x0000000075890000-memory.dmp

    Filesize

    7.7MB

  • memory/4884-7-0x00000000750E0000-0x0000000075890000-memory.dmp

    Filesize

    7.7MB