Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    07/08/2024, 02:25

General

  • Target

    fa94202b71be4437756ae4a838df3de1555cc921af216492a9787a4c62c96ee7.exe

  • Size

    331KB

  • MD5

    2f4528a6423ffce4b05933335053b5a6

  • SHA1

    56b6fdb6ea2bc6976d8187317f1ae40b8e050e9d

  • SHA256

    fa94202b71be4437756ae4a838df3de1555cc921af216492a9787a4c62c96ee7

  • SHA512

    90b0f599b053bf82216bee20a757b1bf4ed5fe846bbd454d9138acec14ed4f8560f55a12b0765c439066479b06c3de4b8b76c2310246744c2834d6547561fde5

  • SSDEEP

    768:d1hYQe2VzEjss2yXg1ILcn0sspAgpq80Lyg1uMN0+dzsRU+eEt:fhYQ7E/pqrLy0uyz+ft

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fa94202b71be4437756ae4a838df3de1555cc921af216492a9787a4c62c96ee7.exe
    "C:\Users\Admin\AppData\Local\Temp\fa94202b71be4437756ae4a838df3de1555cc921af216492a9787a4c62c96ee7.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:2296

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2296-0-0x00007FFFFF523000-0x00007FFFFF525000-memory.dmp

    Filesize

    8KB

  • memory/2296-1-0x000001EF89CF0000-0x000001EF89D46000-memory.dmp

    Filesize

    344KB

  • memory/2296-2-0x00007FFFFF520000-0x00007FFFFFFE1000-memory.dmp

    Filesize

    10.8MB

  • memory/2296-3-0x00007FFFFF523000-0x00007FFFFF525000-memory.dmp

    Filesize

    8KB

  • memory/2296-4-0x00007FFFFF520000-0x00007FFFFFFE1000-memory.dmp

    Filesize

    10.8MB