Overview

overview

3

Static

static

3

9deeebbf38...bf.exe

windows7-x64

1

9deeebbf38...bf.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    92s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/11/2024, 09:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9deeebbf38b3d65c59e88033b968601393e3c6f5a09b21789a1f3a3d8b5d17bf.exe

  • Size

    1.5MB

  • MD5

    9651ab7c2e1033f313be8af36b3978c3

  • SHA1

    3370ab6426ce789df23335c8f64cafe6515c3804

  • SHA256

    9deeebbf38b3d65c59e88033b968601393e3c6f5a09b21789a1f3a3d8b5d17bf

  • SHA512

    e0c1de4c6cd997cbefc4321ced6c77ca644e41f25c3aa28e897c7240cfe8a4dde9cd922feac450e6063257ad9a8e68666658d7c8b1158760080e132093df2065

  • SSDEEP

    24576:shZRycwRPdEY8jWGS4EFJ8YgmGmdLdnjH4FV7FAG3UQoTYKlyc:FcwhdX29S4C6kG0dwAID

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9deeebbf38b3d65c59e88033b968601393e3c6f5a09b21789a1f3a3d8b5d17bf.exe
    "C:\Users\Admin\AppData\Local\Temp\9deeebbf38b3d65c59e88033b968601393e3c6f5a09b21789a1f3a3d8b5d17bf.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3380

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3380-0-0x00007FFE0B013000-0x00007FFE0B015000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3380-1-0x00000150F3D80000-0x00000150F3EFE000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/3380-2-0x00000150F6380000-0x00000150F64DA000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/3380-4-0x00000150F5B30000-0x00000150F5B4A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/3380-5-0x00000150F5B50000-0x00000150F5B8A000-memory.dmp

    Filesize

    232KB

    Download

  • memory/3380-3-0x00000150F5A60000-0x00000150F5A6A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3380-6-0x00000150F64E0000-0x00000150F6516000-memory.dmp

    Filesize

    216KB

    Download

  • memory/3380-7-0x00000150F5B00000-0x00000150F5B22000-memory.dmp

    Filesize

    136KB

    Download

  • memory/3380-8-0x00000150F5A70000-0x00000150F5A78000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3380-9-0x00007FFE0B010000-0x00007FFE0BAD1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3380-10-0x00000150F6530000-0x00000150F65D0000-memory.dmp

    Filesize

    640KB

    Download

  • memory/3380-11-0x00000150F65D0000-0x00000150F65DA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3380-12-0x00000150F65E0000-0x00000150F6606000-memory.dmp

    Filesize

    152KB

    Download

  • memory/3380-13-0x00000150F5B90000-0x00000150F5B98000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3380-15-0x00000150F6630000-0x00000150F663A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3380-14-0x00000150F6610000-0x00000150F6626000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3380-16-0x00000150F6520000-0x00000150F652A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3380-17-0x00000150F6650000-0x00000150F6658000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3380-18-0x00000150F6760000-0x00000150F677E000-memory.dmp

    Filesize

    120KB

    Download

  • memory/3380-19-0x00000150F6640000-0x00000150F664A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3380-21-0x00007FFE0B010000-0x00007FFE0BAD1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3380-22-0x00007FFE0B010000-0x00007FFE0BAD1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3380-23-0x00000150F99E0000-0x00000150F9A30000-memory.dmp

    Filesize

    320KB

    Download

  • memory/3380-27-0x00007FFE0B010000-0x00007FFE0BAD1000-memory.dmp

    Filesize

    10.8MB

    Download