Overview

overview

7

Static

static

3

46de17a9f3...47.exe

windows7-x64

1

46de17a9f3...47.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    95s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/07/2024, 11:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    46de17a9f34a2fbb8ef600636f3ab4029da16b96dade762edea8a0b395c44c47.exe

  • Size

    1.4MB

  • MD5

    45bcd1a2e4dd8c4c7b5e7ead87b03606

  • SHA1

    0db551b1010c64355d6cd3aaa277b6a33d662879

  • SHA256

    46de17a9f34a2fbb8ef600636f3ab4029da16b96dade762edea8a0b395c44c47

  • SHA512

    d1b12d7de4fda28aa2e12ec86ced2ae1321400364a94f001a7c562f15b13704f508f58392426541c18beee64d9cf692ee6d4910b059ffbf058eeadc381918998

  • SSDEEP

    12288:XiM9F0qkZupNsINnX+s/u3t6z5Y32w7ErGgRfmwWrp0:wZUnssGU1Y32SXg1mJt

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\46de17a9f34a2fbb8ef600636f3ab4029da16b96dade762edea8a0b395c44c47.exe
    "C:\Users\Admin\AppData\Local\Temp\46de17a9f34a2fbb8ef600636f3ab4029da16b96dade762edea8a0b395c44c47.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:5000
  • C:\Windows\System32\alg.exe
    C:\Windows\System32\alg.exe
    1⤵
    • Executes dropped EXE
    PID:680

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\System32\alg.exe
          Filesize

          1.3MB

          MD5

          1c5492444c3fd99ef563501df98b43f0

          SHA1

          f82c4f15b1f2aaafcad43b9567153621b05600f3

          SHA256

          ae3f7f0b212296a99b8f261aaa916be0447c9db59623aad69815840fe5f752bc

          SHA512

          fad5660a307b719d697fd93395696e01efef858c4ad40cfb219897c5236ea39872a6f79e98f809b46c903073e05db17311a1873eb089a0794b3d0272064a6646

          Download Submit

        • memory/680-16-0x0000000140000000-0x0000000140201000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/680-17-0x0000000140000000-0x0000000140201000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/5000-0-0x00000000020B0000-0x0000000002110000-memory.dmp

          Filesize

          384KB

          Download

        • memory/5000-7-0x00000000020B0000-0x0000000002110000-memory.dmp

          Filesize

          384KB

          Download

        • memory/5000-6-0x0000000140000000-0x000000014020C000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/5000-13-0x00000000020B0000-0x0000000002110000-memory.dmp

          Filesize

          384KB

          Download

        • memory/5000-15-0x0000000140000000-0x000000014020C000-memory.dmp

          Filesize

          2.0MB

          Download