Overview

overview

3

Static

static

3

24a5a0271f...ef.exe

windows7-x64

1

24a5a0271f...ef.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-07-2024 09:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    24a5a0271fd9c947f5f3854b7383d96f7bd92f9c66288d2053f58a56c89902ef.exe

  • Size

    543KB

  • MD5

    b86a858e1e9b561e1a4c6b6143725b21

  • SHA1

    3cef7ac2a7ddcd4b6932afbe9b2a2fd945dc5a70

  • SHA256

    24a5a0271fd9c947f5f3854b7383d96f7bd92f9c66288d2053f58a56c89902ef

  • SHA512

    f3392f38a4f79902a08f2bf35e5a1ae53f3f28a5158a9d93ea417acd67b7027dbe9f5ffe251b54fea31e2d3bc5aa7fdfc84bc7e5609dfc808f185be626f80f4c

  • SSDEEP

    6144:OADxMlezAwn/lbLDzwTTreK6Hn/D0aMkqkDh8ykhwRMu8n4u:lDxM00wntbLwiH/3MhkBj

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 36 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\24a5a0271fd9c947f5f3854b7383d96f7bd92f9c66288d2053f58a56c89902ef.exe
    "C:\Users\Admin\AppData\Local\Temp\24a5a0271fd9c947f5f3854b7383d96f7bd92f9c66288d2053f58a56c89902ef.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3428

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3428-0-0x0000000074ABE000-0x0000000074ABF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3428-1-0x00000000001E0000-0x000000000026E000-memory.dmp

    Filesize

    568KB

    Download

  • memory/3428-2-0x00000000052E0000-0x0000000005884000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/3428-3-0x0000000074AB0000-0x0000000075260000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/3428-4-0x0000000004DD0000-0x0000000004E62000-memory.dmp

    Filesize

    584KB

    Download

  • memory/3428-5-0x0000000004D80000-0x0000000004D86000-memory.dmp

    Filesize

    24KB

    Download

  • memory/3428-6-0x00000000051C0000-0x00000000051CA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3428-7-0x00000000083D0000-0x00000000089E8000-memory.dmp

    Filesize

    6.1MB

    Download

  • memory/3428-8-0x0000000007F00000-0x000000000800A000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/3428-9-0x0000000007E40000-0x0000000007E52000-memory.dmp

    Filesize

    72KB

    Download

  • memory/3428-10-0x0000000007EA0000-0x0000000007EDC000-memory.dmp

    Filesize

    240KB

    Download

  • memory/3428-11-0x0000000008010000-0x000000000805C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/3428-12-0x0000000074ABE000-0x0000000074ABF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3428-13-0x0000000074AB0000-0x0000000075260000-memory.dmp

    Filesize

    7.7MB

    Download