Overview

overview

10

Static

static

7

FEhkB_OsaH...PE.exe

windows7-x64

3

FEhkB_OsaH...PE.exe

windows10-2004-x64

7

FQ5NRIxS9E...ni.exe

windows7-x64

7

FQ5NRIxS9E...ni.exe

windows10-2004-x64

7

GEWsqYhryx..._Z.exe

windows7-x64

10

GEWsqYhryx..._Z.exe

windows10-2004-x64

10

GcNRfPQrt7...0i.exe

windows7-x64

10

GcNRfPQrt7...0i.exe

windows10-2004-x64

10

HKPHM9s7J_...V8.exe

windows7-x64

1

HKPHM9s7J_...V8.exe

windows10-2004-x64

1

HyHVsV9i0L...Hy.exe

windows7-x64

10

HyHVsV9i0L...Hy.exe

windows10-2004-x64

10

JC2pSzOI0Y...qp.exe

windows7-x64

9

JC2pSzOI0Y...qp.exe

windows10-2004-x64

9

JntlxTU2VS...XP.exe

windows7-x64

10

JntlxTU2VS...XP.exe

windows10-2004-x64

10

LIAbdwyShK...Gp.exe

windows7-x64

3

LIAbdwyShK...Gp.exe

windows10-2004-x64

3

Ls1JHbNzSC...JE.exe

windows7-x64

10

Ls1JHbNzSC...JE.exe

windows10-2004-x64

10

Mr4X5srRQR...AN.exe

windows7-x64

10

Mr4X5srRQR...AN.exe

windows10-2004-x64

10

OEmxRS9Uai...jI.exe

windows7-x64

10

OEmxRS9Uai...jI.exe

windows10-2004-x64

10

OvVYhhgvd6...oB.exe

windows7-x64

9

OvVYhhgvd6...oB.exe

windows10-2004-x64

9

QKvpJeDIaP...YY.exe

windows7-x64

9

QKvpJeDIaP...YY.exe

windows10-2004-x64

9

fCe2q13vzD...Di.exe

windows7-x64

10

fCe2q13vzD...Di.exe

windows10-2004-x64

10

fyiHA5hP7V...Ui.exe

windows7-x64

10

fyiHA5hP7V...Ui.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-11-2024 10:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HKPHM9s7J_npOwbKmifWThV8.exe

  • Size

    163KB

  • MD5

    ec3921304077e2ac56d2f5060adab3d5

  • SHA1

    923cf378ec34c6d660f88c7916c083bedb9378aa

  • SHA256

    b8f88d0b48fbf8c1eac3d72272ddc48c723cbf8ba0527fdf42ad20cc5724ab9f

  • SHA512

    3796aab3dd9822ba41b57ef009166e4f99adab87cf279f9d86d4d7f227128da8faf2da7290e84ebffc11f1e8d17dfd0d8db9c2691e7fc08a93a02f748e293d28

  • SSDEEP

    3072:T17+hYe5fY7GFGRGkhRFLRYXGd171jpxszmiGAGRC2:J7ii7R9FgGNHszmiGxRC

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\HKPHM9s7J_npOwbKmifWThV8.exe
    "C:\Users\Admin\AppData\Local\Temp\HKPHM9s7J_npOwbKmifWThV8.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3248-0-0x00007FFB07503000-0x00007FFB07505000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3248-1-0x0000000000470000-0x000000000049E000-memory.dmp

    Filesize

    184KB

    Download

  • memory/3248-2-0x0000000000D50000-0x0000000000D72000-memory.dmp

    Filesize

    136KB

    Download

  • memory/3248-3-0x00007FFB07500000-0x00007FFB07FC1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3248-5-0x00007FFB07500000-0x00007FFB07FC1000-memory.dmp

    Filesize

    10.8MB

    Download