Overview

overview

10

Static

static

3

7ccfae8644...24.exe

windows7-x64

10

7ccfae8644...24.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    162s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-07-2024 03:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224.exe

  • Size

    5.4MB

  • MD5

    a2a9c309c5300a53d2c2fc41b71b174b

  • SHA1

    f6c26eae1925425fa8966266e87a57b688fad218

  • SHA256

    7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224

  • SHA512

    a29eec8fa98174a74e9bd93c5902cdd95ce329ff8b7a1469901a95705dc1d7fffde58afa296399febb8559d8cd73c932945e85cce8af54e7a672d8f1618e3f7c

  • SSDEEP

    98304:j+ddAtuMvY00V2vtQSH7OuqeGszSQTADu0mL63KQOKvYA1ZuoyQPNf+xKi:wdOuMvc8VdbOuqePmQTAKH63NYAiGfiT

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224.exe
    "C:\Users\Admin\AppData\Local\Temp\7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2864
    • C:\Users\Admin\AppData\Local\Temp\BLueHvffhw.exe
      "C:\Users\Admin\AppData\Local\Temp\BLueHvffhw.exe"
      2⤵
        PID:5112
        • C:\Users\Admin\AppData\Local\Temp\BLueHvffhw.exe
          "C:\Users\Admin\AppData\Local\Temp\BLueHvffhw.exe"
          3⤵
            PID:4648
        • C:\Users\Admin\AppData\Local\Temp\7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224.exe
          "C:\Users\Admin\AppData\Local\Temp\7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224.exe"
          2⤵
            PID:708
        • C:\Windows\SysWOW64\openwith.exe
          "C:\Windows\system32\openwith.exe"
          1⤵
            PID:3508

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224.exe.log
            Filesize

            805B

            MD5

            58a9108e39c2ea50e65c23be3a9407cf

            SHA1

            fb21f7b9330aa1a77080a3243b81b49035102d7b

            SHA256

            6049be83020702896a539b5c8c13270add224d7b91b3ee0bebc328791b74a84b

            SHA512

            93804ee8a4560503e47c07f5fa4a959e23355a01aba406c103d339debc9b2b1d20a345cdbb8d8069dac97b9151f228cf559ac3dde1500e3484fba1a4126842bf

            Download Submit
          • C:\Users\Admin\AppData\Local\Temp\BLueHvffhw.exe
            Filesize

            2.7MB

            MD5

            abf2da5b3e7845f50463a72f8b6e6aaa

            SHA1

            a5299f55950ca82134da73b9e9844c5d624114c3

            SHA256

            2a4b1ae0ae67cd31f85680e6351bd5b92ff61e246c158decb1a43a3ef01d9f2c

            SHA512

            570e8becd18b36d66a2ac295518c8ba3c0bc83d8a6175e601b509efd9237462d1d0826dbeb9e52465e7cdcd57cb4ae7fd859ddc4a5aad895cef6ef7fa981e8a4

            Download Submit
          • memory/708-5626-0x0000000075210000-0x00000000759C0000-memory.dmp
            Filesize

            7.7MB

            Download
          • memory/708-5340-0x0000000075210000-0x00000000759C0000-memory.dmp
            Filesize

            7.7MB

            Download
          • memory/708-5303-0x00000000056E0000-0x00000000056E8000-memory.dmp
            Filesize

            32KB

            Download
          • memory/708-4990-0x0000000075210000-0x00000000759C0000-memory.dmp
            Filesize

            7.7MB

            Download
          • memory/708-4913-0x0000000075210000-0x00000000759C0000-memory.dmp
            Filesize

            7.7MB

            Download
          • memory/708-4915-0x0000000000400000-0x00000000004B0000-memory.dmp
            Filesize

            704KB

            Download
          • memory/2864-56-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-49-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-12-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-18-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-20-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-22-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-16-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-26-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-24-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-28-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-30-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-32-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-34-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-36-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-50-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-44-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-60-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-68-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-66-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-64-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-62-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-58-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-0-0x000000007521E000-0x000000007521F000-memory.dmp
            Filesize

            4KB

            Download
          • memory/2864-54-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-52-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-42-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-41-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-14-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-46-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-38-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-4891-0x0000000075210000-0x00000000759C0000-memory.dmp
            Filesize

            7.7MB

            Download
          • memory/2864-4892-0x0000000075210000-0x00000000759C0000-memory.dmp
            Filesize

            7.7MB

            Download
          • memory/2864-4894-0x0000000000F20000-0x0000000000F6C000-memory.dmp
            Filesize

            304KB

            Download
          • memory/2864-4893-0x0000000007890000-0x0000000007C40000-memory.dmp
            Filesize

            3.7MB

            Download
          • memory/2864-5-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-4906-0x0000000005FA0000-0x0000000005FF4000-memory.dmp
            Filesize

            336KB

            Download
          • memory/2864-1-0x00000000001A0000-0x0000000000718000-memory.dmp
            Filesize

            5.5MB

            Download
          • memory/2864-2-0x0000000006320000-0x0000000006894000-memory.dmp
            Filesize

            5.5MB

            Download
          • memory/2864-6-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-3-0x00000000057A0000-0x0000000005D44000-memory.dmp
            Filesize

            5.6MB

            Download
          • memory/2864-8-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-4914-0x0000000075210000-0x00000000759C0000-memory.dmp
            Filesize

            7.7MB

            Download
          • memory/2864-10-0x0000000006320000-0x000000000688E000-memory.dmp
            Filesize

            5.4MB

            Download
          • memory/2864-4-0x0000000005290000-0x0000000005322000-memory.dmp
            Filesize

            584KB

            Download
          • memory/4648-9824-0x0000000000400000-0x00000000004AC000-memory.dmp
            Filesize

            688KB

            Download
          • memory/4648-9826-0x00000000050B0000-0x0000000005198000-memory.dmp
            Filesize

            928KB

            Download
          • memory/4648-12023-0x00000000051C0000-0x00000000051C8000-memory.dmp
            Filesize

            32KB

            Download
          • memory/4648-12024-0x0000000005380000-0x00000000053D6000-memory.dmp
            Filesize

            344KB

            Download
          • memory/4648-12025-0x0000000005510000-0x0000000005576000-memory.dmp
            Filesize

            408KB

            Download
          • memory/5112-4912-0x0000000005960000-0x0000000005C18000-memory.dmp
            Filesize

            2.7MB

            Download
          • memory/5112-4908-0x0000000075210000-0x00000000759C0000-memory.dmp
            Filesize

            7.7MB

            Download
          • memory/5112-4907-0x0000000000E50000-0x000000000110C000-memory.dmp
            Filesize

            2.7MB

            Download
          • memory/5112-9818-0x0000000075210000-0x00000000759C0000-memory.dmp
            Filesize

            7.7MB

            Download
          • memory/5112-9819-0x0000000006B80000-0x0000000006C74000-memory.dmp
            Filesize

            976KB

            Download
          • memory/5112-9825-0x0000000075210000-0x00000000759C0000-memory.dmp
            Filesize

            7.7MB

            Download