Overview

overview

3

Static

static

3

bf3951b35c...0N.exe

windows7-x64

1

bf3951b35c...0N.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-08-2024 14:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bf3951b35c78ef693e09d92e89bd77a0N.exe

  • Size

    24KB

  • MD5

    bf3951b35c78ef693e09d92e89bd77a0

  • SHA1

    2bc63480e7f849c64cf543c09d78a1cdf3892931

  • SHA256

    52694266605c19c54aff9238384eefde514df9b40ce1ff62552c00971fe2c1b0

  • SHA512

    25bc84e2531c080494dd0fad527a53dfc18074745ced5ecbcce72e00dfd5fd8482feb7d319f3e6dda50bc2e37ced03176cd3754659da8e28c96bacafa7ea3b7e

  • SSDEEP

    384:wOOaY7GwATnR6BB6gVEh9qBToKjaXPcIL/H4y8s1RimYlvltzTwL5zToJIY+OTuj:LY74R2B7btLFUAy8sRiBn0L5zT8xirqY

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bf3951b35c78ef693e09d92e89bd77a0N.exe
    "C:\Users\Admin\AppData\Local\Temp\bf3951b35c78ef693e09d92e89bd77a0N.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4784

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_hiz5e1bf.4zl.ps1
    Filesize

    60B

    MD5

    d17fe0a3f47be24a6453e9ef58c94641

    SHA1

    6ab83620379fc69f80c0242105ddffd7d98d5d9d

    SHA256

    96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

    SHA512

    5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

    Download Submit

  • memory/4784-0-0x00007FFA3F993000-0x00007FFA3F995000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4784-1-0x0000000000CF0000-0x0000000000CFC000-memory.dmp

    Filesize

    48KB

    Download

  • memory/4784-2-0x0000000002D50000-0x0000000002D62000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4784-12-0x00007FFA3F990000-0x00007FFA40451000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4784-13-0x000000001C090000-0x000000001C0B2000-memory.dmp

    Filesize

    136KB

    Download

  • memory/4784-14-0x00007FFA3F990000-0x00007FFA40451000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4784-15-0x00007FFA3F990000-0x00007FFA40451000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4784-16-0x00007FFA3F993000-0x00007FFA3F995000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4784-17-0x00007FFA3F990000-0x00007FFA40451000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4784-18-0x00007FFA3F990000-0x00007FFA40451000-memory.dmp

    Filesize

    10.8MB

    Download