Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    08/11/2024, 14:47

General

  • Target

    file.exe

  • Size

    349KB

  • MD5

    a0e20498bac13d9b370a901610882f82

  • SHA1

    e654ffe53da20163f206cb4f12b11a2b012a1a4a

  • SHA256

    b3c0234f9ddc1f0491dcae04ac4ef320d59b665fd4b863e73b365f0e848500ad

  • SHA512

    11ef23679fc648019248a244c732951b413b23a2294ec4dc9d7a32f40852fdacaa5fc5f6d6c29b0316b230a8c4f4c21b2481dc13bf012ffd23b362271245b8d8

  • SSDEEP

    6144:XKeGZIHGo14D9O0rmGO2d0d18gSwk4X7LXAeIKynOy1+21wl+1Xevlp:aec8Gd9O0rmbfM4XfynOa1wGe

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\file.exe
    "C:\Users\Admin\AppData\Local\Temp\file.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    PID:3112

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • memory/3112-0-0x000000007503E000-0x000000007503F000-memory.dmp

          Filesize

          4KB

        • memory/3112-1-0x0000000000EC0000-0x0000000000F1E000-memory.dmp

          Filesize

          376KB

        • memory/3112-2-0x00000000058B0000-0x000000000596E000-memory.dmp

          Filesize

          760KB

        • memory/3112-3-0x0000000075030000-0x00000000757E0000-memory.dmp

          Filesize

          7.7MB

        • memory/3112-4-0x0000000005F90000-0x00000000065A8000-memory.dmp

          Filesize

          6.1MB

        • memory/3112-5-0x0000000005A90000-0x0000000005AF6000-memory.dmp

          Filesize

          408KB

        • memory/3112-8-0x000000007503E000-0x000000007503F000-memory.dmp

          Filesize

          4KB

        • memory/3112-9-0x0000000075030000-0x00000000757E0000-memory.dmp

          Filesize

          7.7MB