Analysis

  • max time kernel
    76s
  • max time network
    76s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240910-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240910-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    26-09-2024 03:48

General

  • Target

    Energetic Bear Implant.exe

  • Size

    1.9MB

  • MD5

    f901c645188f9c80afa8f49174f065ce

  • SHA1

    272bc9298b394760d68e14dcf479233800a098a9

  • SHA256

    9385d7e149bcda79e5a4291ad422c160be8297d029d04ee04c50240fe53aa900

  • SHA512

    8de72f93ab1a507a08a283da4e8948756364d45fa70e8332da424b27a9cb8d6c3ad93cb5062343a6cc8cf0009d7c7d3fef8e209f99fedbe02b7d2d5c010c291c

  • SSDEEP

    24576:7MWHiFDV07ECXo4tu619SbX7ZwwjeJJV+CBqAKngHu8LNZZ/LJCPlyPlVzOCr:WJ6qbroCn8u8jhL0PMtVSCr

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Energetic Bear Implant.exe
    "C:\Users\Admin\AppData\Local\Temp\Energetic Bear Implant.exe"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    PID:4328
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x514 0x504
    • Suspicious use of AdjustPrivilegeToken
    PID:1056
    Note: AUDIODG.EXE is the legitimate Windows Audio Device Graph Isolation process, which the Windows Audio service starts when something plays sound; the report lists it as a top-level process rather than a child of the sample, and AdjustPrivilegeToken on it is routine. Its presence is consistent with the dropped cyber.avi being played and is not, on its own, evidence of malicious activity, which matches the 1/10 score.

Network

MITRE ATT&CK Matrix


Downloads

  • C:\Users\Admin\AppData\Local\Temp\cyber.avi

    Filesize

    492KB

    MD5

    979128b6017961ec9f5b961ede4d8fb3

    SHA1

    08163ba22e83273398a851b164c4a2cd364dc809

    SHA256

    989101a0ae548a578aba8612ee89696bea81e899c92f0b697ea31e6db53f10fc

    SHA512

    afc1a8c4f80c57b27cfb764ce6d8354c1700ae90baed4d7562796f235087f900dfeb486ecd7602bf3b50a2ff470e410925f5cdb7ff89fe7a576abaf18621a626
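The practical use of the hashes above is a file-hash sweep: recompute the digests the report shows for the submitted sample and the dropped cyber.avi, then look for either on a host. The script below is an added example written for this page, not part of the sandbox report; the SHA256 values are copied from the report, and the directory it walks (a command-line argument, defaulting to %TEMP%) is an assumption.

```python
import hashlib
import os
import sys
from pathlib import Path

# SHA256 values copied from the sandbox report above. Matching is done on
# SHA256; MD5/SHA1/SHA512 are computed so a hit can be cross-checked against
# the other digests the report lists.
REPORT_IOCS = {
    "9385d7e149bcda79e5a4291ad422c160be8297d029d04ee04c50240fe53aa900":
        "Energetic Bear Implant.exe (submitted sample)",
    "989101a0ae548a578aba8612ee89696bea81e899c92f0b697ea31e6db53f10fc":
        "cyber.avi (dropped to %TEMP% during the run)",
}

DIGESTS = ("md5", "sha1", "sha256", "sha512")


def compute_hashes(data: bytes) -> dict:
    """Return the same digest set the report shows, for an in-memory buffer."""
    return {name: hashlib.new(name, data).hexdigest() for name in DIGESTS}


def hash_file(path, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hashers so large files need not fit in memory."""
    hashers = {name: hashlib.new(name) for name in DIGESTS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_ioc(hashes: dict):
    """Return the report label for a SHA256 hit, or None when the file is unknown."""
    return REPORT_IOCS.get(hashes["sha256"])


def sweep(root) -> list:
    """Walk a directory tree and return (path, sha256, label) for every IOC hit."""
    hits = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            try:
                digests = hash_file(path)
            except OSError:
                continue  # unreadable or vanished file; keep sweeping
            label = match_ioc(digests)
            if label:
                hits.append((str(path), digests["sha256"], label))
    return hits


if __name__ == "__main__":
    # Assumed usage: python sweep.py [directory]; defaults to the user's %TEMP%,
    # which is where the report shows both files landing.
    target = sys.argv[1] if len(sys.argv) > 1 else os.environ.get("TEMP", ".")
    for path, sha256, label in sweep(target):
        print(f"{path}\t{sha256}\t{label}")
```

Because the sandbox saw no network activity and scored the run 1/10, these hashes are the only indicators the report yields; a hash sweep finds this exact build and nothing else, so treat a miss as inconclusive rather than as a clean bill.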