Overview

overview

7

Static

static

7

8bb7b885c7...0N.exe

windows7-x64

3

8bb7b885c7...0N.exe

windows10-2004-x64

3

$EXEFILE.exe

windows7-x64

4

$EXEFILE.exe

windows10-2004-x64

4

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

wget.exe

windows7-x64

7

wget.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    95s
  • max time network
    97s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-09-2024 12:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $EXEFILE.exe

  • Size

    244KB

  • MD5

    baef4b564ae6b51a4c5bdcc73fa87b47

  • SHA1

    f0096a378875576c8a64530f3c8d7ba2f107c935

  • SHA256

    966863ab8106ee72a1bc7b425b85501564f95599ad612db642ad081e5fe82100

  • SHA512

    e554e0ecab8ffacea55b4e689af78843c437c50c0d91c4f6c1dfeb450367a5740587486b355ccf4213fb9af835a2e436aa4d06b63b4b174966860bee9d05be50

  • SSDEEP

    3072:1l/72Bf4+RDnLLrgLDqUHNY8M2cKd+P7249U0/Yf7IN1Ytl7q:Xz2BACDvYr7MHKd+P7249U+E7Kq

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 5 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\$EXEFILE.exe
    "C:\Users\Admin\AppData\Local\Temp\$EXEFILE.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2328

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2328-0-0x00007FFD76725000-0x00007FFD76726000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2328-1-0x00007FFD76470000-0x00007FFD76E11000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2328-2-0x0000000000870000-0x000000000087C000-memory.dmp

    Filesize

    48KB

    Download

  • memory/2328-3-0x00007FFD76470000-0x00007FFD76E11000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2328-4-0x000000001B610000-0x000000001BADE000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/2328-5-0x000000001BAE0000-0x000000001BB7C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/2328-6-0x000000001B0E0000-0x000000001B0E8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2328-7-0x00007FFD76470000-0x00007FFD76E11000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2328-8-0x00007FFD76470000-0x00007FFD76E11000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2328-9-0x00007FFD76470000-0x00007FFD76E11000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2328-10-0x00007FFD76725000-0x00007FFD76726000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2328-11-0x00007FFD76470000-0x00007FFD76E11000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2328-18-0x00007FFD76470000-0x00007FFD76E11000-memory.dmp

    Filesize

    9.6MB

    Download