6d1c754a02ed1e10d90f1fbac86d76c58134580f661960cc4010d6aebd23971c

Analysis

max time kernel
97s
max time network
99s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
03/09/2024, 16:53

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6d1c754a02ed1e10d90f1fbac86d76c58134580f661960cc4010d6aebd23971c.exe
Size

997KB
MD5

25493e70f11b7b038e70f4d21c9f4ce2
SHA1

7190a96fa2d89d341f42907a81132e2f6416ebc5
SHA256

6d1c754a02ed1e10d90f1fbac86d76c58134580f661960cc4010d6aebd23971c
SHA512

db8ba733af98ddbf78836a752742ff0bf05d8092cf85f8b84cb847c1a406f352925a2526395cd2fa0e6cd0e8c165c803f74b9e228be19da4d722761a71388bea
SSDEEP

24576:4iqngaKoDdvb4ZgQhObVNuiQ+t5TJlD+c0L:4iqngFgdvMZgQhObVF/t5CJ

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2676	6d1c754a02ed1e10d90f1fbac86d76c58134580f661960cc4010d6aebd23971c.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2676	6d1c754a02ed1e10d90f1fbac86d76c58134580f661960cc4010d6aebd23971c.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2676	6d1c754a02ed1e10d90f1fbac86d76c58134580f661960cc4010d6aebd23971c.exe

C:\Users\Admin\AppData\Local\Temp\6d1c754a02ed1e10d90f1fbac86d76c58134580f661960cc4010d6aebd23971c.exe
"C:\Users\Admin\AppData\Local\Temp\6d1c754a02ed1e10d90f1fbac86d76c58134580f661960cc4010d6aebd23971c.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
PID:2676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2676-0-0x00007FFD76353000-0x00007FFD76355000-memory.dmp

Filesize
8KB

Download
memory/2676-1-0x0000000000450000-0x00000000005A6000-memory.dmp

Filesize
1.3MB

Download
memory/2676-2-0x0000000002640000-0x0000000002656000-memory.dmp

Filesize
88KB

Download
memory/2676-3-0x000000001B230000-0x000000001B267000-memory.dmp

Filesize
220KB

Download
memory/2676-12-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-13-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-14-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-15-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-16-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-17-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-18-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-19-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-20-0x00007FFD76353000-0x00007FFD76355000-memory.dmp

Filesize
8KB

Download
memory/2676-21-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-22-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-23-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-24-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-25-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download
memory/2676-26-0x00007FFD76350000-0x00007FFD76E11000-memory.dmp

Filesize
10.8MB

Download