Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    09/10/2024, 10:17

General

  • Target

    06dbd32e29913a3f610f763472645f7b09b827d682c7133a9ae8856c29513876.exe

  • Size

    1.7MB

  • MD5

    893ffe6059d675f473fc08add412d0cf

  • SHA1

    f14c62f32ae857faf41895927c847da1fb8477bc

  • SHA256

    06dbd32e29913a3f610f763472645f7b09b827d682c7133a9ae8856c29513876

  • SHA512

    802648dfa7b715785f7a64c7c4a654b5e49d2788a85523cdc0301f2453ba6d48d31965adc134489fccbdfb8f2357379ab0f05d1b4902442e7ae52a76702eca9f

  • SSDEEP

    24576:bL/vI4crHAyZ9BNfTIRF9pK6msSso/5cTgkiR1SYhq:bLIQyDV6msSs0cTgkAoY8

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\06dbd32e29913a3f610f763472645f7b09b827d682c7133a9ae8856c29513876.exe
    "C:\Users\Admin\AppData\Local\Temp\06dbd32e29913a3f610f763472645f7b09b827d682c7133a9ae8856c29513876.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:4792

Network

MITRE ATT&CK Matrix

Downloads

  • memory/4792-0-0x00007FFCFCEC3000-0x00007FFCFCEC5000-memory.dmp

    Filesize

    8KB

  • memory/4792-1-0x0000021781BD0000-0x0000021781D92000-memory.dmp

    Filesize

    1.8MB

  • memory/4792-2-0x00007FFCFCEC0000-0x00007FFCFD981000-memory.dmp

    Filesize

    10.8MB

  • memory/4792-3-0x00007FFCFCEC3000-0x00007FFCFCEC5000-memory.dmp

    Filesize

    8KB

  • memory/4792-4-0x00007FFCFCEC0000-0x00007FFCFD981000-memory.dmp

    Filesize

    10.8MB