Overview

overview

10

Static

static

3

$77-Example.exe

windows7-x64

1

$77-Example.exe

windows10-2004-x64

1

BytecodeApi.UI.dll

windows7-x64

1

BytecodeApi.UI.dll

windows10-2004-x64

1

BytecodeApi.dll

windows7-x64

1

BytecodeApi.dll

windows10-2004-x64

1

Helper32.dll

windows7-x64

3

Helper32.dll

windows10-2004-x64

3

Helper64.dll

windows7-x64

1

Helper64.dll

windows10-2004-x64

1

Install.exe

windows7-x64

10

Install.exe

windows10-2004-x64

10

TestConsole.exe

windows7-x64

3

TestConsole.exe

windows10-2004-x64

3

r77-x64.dll

windows7-x64

1

r77-x64.dll

windows10-2004-x64

1

r77-x86.dll

windows7-x64

3

r77-x86.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29/10/2024, 00:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TestConsole.exe

  • Size

    262KB

  • MD5

    1f195793c2802ebeddcdb1b13f23476e

  • SHA1

    216efe9bcd245350baf37d5bc3b5073cdb5f2e31

  • SHA256

    cae860044d6969b1e7540c97eb7371e4df1be08b1caaab64424425aa7a23a6ee

  • SHA512

    4f6ec7e606d6e12a17083fc6aa21ca3f5d523d7ab6ea41d939708bff0f8ca540e442789b658c239c089f20d0ce40fdac1426d64757859e166a96dd9ed499eece

  • SSDEEP

    6144:VybkRvlY/lWqgYiwRVi8O2JQ2366PvbfhssEA:GkRsq2JQ23PPvzhD9

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TestConsole.exe
    "C:\Users\Admin\AppData\Local\Temp\TestConsole.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2728

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2728-0-0x000007FEF4E83000-0x000007FEF4E84000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2728-1-0x0000000000330000-0x0000000000376000-memory.dmp

    Filesize

    280KB

    Download

  • memory/2728-2-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2728-3-0x0000000000770000-0x00000000007C6000-memory.dmp

    Filesize

    344KB

    Download

  • memory/2728-4-0x00000000004B0000-0x00000000004CA000-memory.dmp

    Filesize

    104KB

    Download

  • memory/2728-6-0x0000000000550000-0x000000000055A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2728-5-0x0000000000550000-0x000000000055A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2728-7-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2728-11-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2728-12-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2728-13-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2728-14-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2728-15-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2728-16-0x000007FEF4E83000-0x000007FEF4E84000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2728-17-0x0000000000550000-0x000000000055A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2728-18-0x0000000000550000-0x000000000055A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2728-19-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2728-20-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2728-21-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2728-22-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2728-23-0x000007FEF4E80000-0x000007FEF586C000-memory.dmp

    Filesize

    9.9MB

    Download