Overview

overview

7

Static

static

5

ae28322e08...eN.exe

windows7-x64

7

ae28322e08...eN.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

DomaIQ.exe

windows7-x64

3

DomaIQ.exe

windows10-2004-x64

1

DomaIQ10.exe

windows7-x64

3

DomaIQ10.exe

windows10-2004-x64

1

config.dll

windows7-x64

1

config.dll

windows10-2004-x64

1

routes.dll

windows7-x64

1

routes.dll

windows10-2004-x64

1

setup__120.exe

windows7-x64

5

setup__120.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    102s
  • max time network
    92s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-10-2024 18:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DomaIQ.exe

  • Size

    211KB

  • MD5

    27d5e5a09fa180c3238ed33bc7cf993b

  • SHA1

    355f72845fcf414001808a8491e8dee3b8863cfb

  • SHA256

    235602a88f5602010bc33f5b05671bfad3e2599d96273fc2c361357507ad08bc

  • SHA512

    036a7620212f83663ae0c7498501fdba1609bf68488b735ac30fd986ed6c9017c132d562798e9bbcc911945601ea17d64e00020331ba2ef68cd5251ec40ad04b

  • SSDEEP

    6144:yX8M6vMCNntOkTsCtIwk3r2G7n58w4yw:dve7n3w

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DomaIQ.exe
    "C:\Users\Admin\AppData\Local\Temp\DomaIQ.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2628

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2628-0-0x00007FFF2B5F3000-0x00007FFF2B5F5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2628-1-0x0000000000B00000-0x0000000000B3A000-memory.dmp

    Filesize

    232KB

    Download

  • memory/2628-2-0x00007FFF2B5F0000-0x00007FFF2C0B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2628-3-0x00007FFF2B5F0000-0x00007FFF2C0B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2628-4-0x00007FFF2B5F0000-0x00007FFF2C0B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2628-5-0x00007FFF2B5F0000-0x00007FFF2C0B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2628-6-0x00007FFF2B5F3000-0x00007FFF2B5F5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2628-7-0x00007FFF2B5F0000-0x00007FFF2C0B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2628-10-0x000000001B860000-0x000000001BA09000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2628-11-0x00007FFF2B5F0000-0x00007FFF2C0B1000-memory.dmp

    Filesize

    10.8MB

    Download