801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577

Resubmissions

14-08-2024 08:21

240814-j87g4sxajp 3

14-08-2024 08:14

240814-j4zlpswgmr 3

Analysis

max time kernel
140s
max time network
151s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
14-08-2024 08:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577.exe
Size

2.0MB
MD5

81e8199ea9d5d1f1fbd7d672e33d153b
SHA1

b728310af546ca1da67b574b8c97f9a5f6e358d5
SHA256

801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577
SHA512

c03a974940bc52abeae1139e38a2f9e9b76ccf88f5f93e076013b785c0b83f180c7024b753aa72f79aa1dac00771baf5f9c11bece439d82dad3ce3f9f6ec0703
SSDEEP

24576:7yhd4ukUcnCUNGi8e/5t1/HDvw1Zie7ayq:maUcnCUI7Yn1E1ZNGyq

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2388	801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577.exe
2388	801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577.exe
2388	801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577.exe
2388	801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577.exe
2388	801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577.exe
2388	801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2388	801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577.exe

C:\Users\Admin\AppData\Local\Temp\801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577.exe
"C:\Users\Admin\AppData\Local\Temp\801c0082051dade202318000dddf6f0f0817fb598f6b2b03a77f106f95529577.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2388

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2388-0-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-3-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-14-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-21-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-20-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-19-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-18-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-17-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-16-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-15-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-22-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-23-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-24-0x0000000000400000-0x0000000000605000-memory.dmp

Filesize
2.0MB

Download
memory/2388-28-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-30-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-34-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-36-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download
memory/2388-41-0x0000000001FF0000-0x00000000020EE000-memory.dmp

Filesize
1016KB

Download