Analysis

  • max time kernel
    8s
  • max time network
    10s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    28/09/2024, 17:01

General

  • Target

    antagonist-external.exe

  • Size

    1.0MB

  • MD5

    6b1f423d12ae1fd478e2dff2cd3be684

  • SHA1

    391574210b52782cd40acaec3f4134090479ce38

  • SHA256

    83ed126015c0679c6af62219e18ee155b69fd36fb4c83303cef0545cf47d8d37

  • SHA512

    c5195f6f5692f864c32d7af1387a7c7f601c4ee02a49414c963d28afb89bb98e213d5ea50af0aed2bf31161b9a20285342545bbe4960f7305a1367bf74824b30

  • SSDEEP

    24576:jQRWEyUaP0cuDWU2CxEm12sOpg80GyK9:cRWEFEg2k123pg80G

Score
8/10

Malware Config

Signatures

  • Sets service image path in registry 2 TTPs 1 IoCs
  • Suspicious behavior: LoadsDriver 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\antagonist-external.exe
    "C:\Users\Admin\AppData\Local\Temp\antagonist-external.exe"
    • Sets service image path in registry
    • Suspicious behavior: LoadsDriver
    • Suspicious use of AdjustPrivilegeToken
    PID:3372

Network

        MITRE ATT&CK Enterprise v15
