Analysis

  • max time kernel
    75s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-11-2024 00:50

General

  • Target

    abddf9db14d54ebcf6f938a2576819093e2fed642e21669b66feef11a3858edc.exe

  • Size

    221KB

  • MD5

    5c712211dfdaeebb1e0d99549f544689

  • SHA1

    fdfa4a320ef6e3ed098d30b253cbdb7cb920e81c

  • SHA256

    abddf9db14d54ebcf6f938a2576819093e2fed642e21669b66feef11a3858edc

  • SHA512

    d9ee0c310ff0d0f588820bc0a1bbd99ede4eb357f00ebca205b82cc7bb5edd228a8548590c2e898ce44fa0638c93f925811de20f3d9f59ed1c6ed90babbdab00

  • SSDEEP

    3072:BLY7ICbXn4py0QdkqW0liZupX6LcFr1pE2ffMjUeEUciiJG8T:FY0r40CqcFpgEU21

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\abddf9db14d54ebcf6f938a2576819093e2fed642e21669b66feef11a3858edc.exe
    "C:\Users\Admin\AppData\Local\Temp\abddf9db14d54ebcf6f938a2576819093e2fed642e21669b66feef11a3858edc.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2072

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2072-0-0x000007FEF55E3000-0x000007FEF55E4000-memory.dmp

    Filesize

    4KB

  • memory/2072-1-0x0000000001180000-0x00000000011B8000-memory.dmp

    Filesize

    224KB

  • memory/2072-2-0x000007FEF55E0000-0x000007FEF5FCC000-memory.dmp

    Filesize

    9.9MB

  • memory/2072-3-0x000007FEF55E0000-0x000007FEF5FCC000-memory.dmp

    Filesize

    9.9MB