Overview

overview

10

Static

static

10

b6838e142a...9a.exe

windows7-x64

1

b6838e142a...9a.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-01-2025 23:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b6838e142a69c7833531d379f5349e3393a87505e87fce88be43b687c7dceb9a.exe

  • Size

    1.3MB

  • MD5

    412062c16487989312ff81269b1a4848

  • SHA1

    d0f9e57706c4dc986c6c05a728fbbe591a253695

  • SHA256

    b6838e142a69c7833531d379f5349e3393a87505e87fce88be43b687c7dceb9a

  • SHA512

    6317193c21ca288968b314fa248dcbb8543733b6cd3cd4fdbc64f313536ba27f31d120af021dd4a2b09aa6097469c9f190611fe609e402e987dd205894abacaa

  • SSDEEP

    24576:SuRRjq45RYz698NPWxBLudQCbJ74A9WDSPX7j:tRu4rYzgIQL+xV77917j

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b6838e142a69c7833531d379f5349e3393a87505e87fce88be43b687c7dceb9a.exe
    "C:\Users\Admin\AppData\Local\Temp\b6838e142a69c7833531d379f5349e3393a87505e87fce88be43b687c7dceb9a.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1208-0-0x00007FF9DC8D3000-0x00007FF9DC8D5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1208-1-0x0000016EBED50000-0x0000016EBED82000-memory.dmp

    Filesize

    200KB

    Download

  • memory/1208-2-0x00007FF9DC8D0000-0x00007FF9DD391000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1208-3-0x00007FF9DC8D0000-0x00007FF9DD391000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1208-6-0x00007FF9DC8D0000-0x00007FF9DD391000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1208-8-0x00007FF9DC8D0000-0x00007FF9DD391000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1208-15-0x00007FF9DC8D3000-0x00007FF9DC8D5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1208-16-0x00007FF9DC8D0000-0x00007FF9DD391000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1208-17-0x00007FF9DC8D0000-0x00007FF9DD391000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1208-18-0x00007FF9DC8D0000-0x00007FF9DD391000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1208-19-0x00007FF9DC8D0000-0x00007FF9DD391000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1208-20-0x00007FF9DC8D0000-0x00007FF9DD391000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1208-21-0x00007FF9DC8D0000-0x00007FF9DD391000-memory.dmp

    Filesize

    10.8MB

    Download