Overview

overview

10

Static

static

10

dbd1b0ec79...f9.exe

windows7-x64

1

dbd1b0ec79...f9.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2025 03:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dbd1b0ec7989f8e0a2e64e910f91eb9bbcaa3584ce34afc11243668f48320ef9.exe

  • Size

    1.7MB

  • MD5

    9d244192a079e8275c033c6eeb769a23

  • SHA1

    6b3f415a8c81e8d2fe25b7df2ef572b95e5930f1

  • SHA256

    dbd1b0ec7989f8e0a2e64e910f91eb9bbcaa3584ce34afc11243668f48320ef9

  • SHA512

    f424967e108f139d706b9a535c3a5885f4015dd772dc7d93acefaebd4f0018df33aba615193accba24e03453f7bebe279deb869df90a113b2950efb04415a10b

  • SSDEEP

    24576:GSal4MDeQZ0EaZD16NFWT2/waCWeqD4EPj2wd1INDSVXT5XUfGTBya8:GS44hQZ0BD14FWAwaCWEJy15XT5XnB18

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\dbd1b0ec7989f8e0a2e64e910f91eb9bbcaa3584ce34afc11243668f48320ef9.exe
    "C:\Users\Admin\AppData\Local\Temp\dbd1b0ec7989f8e0a2e64e910f91eb9bbcaa3584ce34afc11243668f48320ef9.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2504-0-0x000007FEF5A03000-0x000007FEF5A04000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2504-1-0x0000000001C70000-0x0000000001CA4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2504-3-0x000007FEF5A00000-0x000007FEF63EC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2504-2-0x000007FEF5A00000-0x000007FEF63EC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2504-4-0x000007FEF5A00000-0x000007FEF63EC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2504-6-0x0000000001D30000-0x0000000001D3A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2504-5-0x0000000001D30000-0x0000000001D3A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2504-7-0x000007FEF5A00000-0x000007FEF63EC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2504-11-0x000007FEF5A00000-0x000007FEF63EC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2504-34-0x000007FEF5A03000-0x000007FEF5A04000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2504-35-0x000007FEF5A00000-0x000007FEF63EC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2504-36-0x000007FEF5A00000-0x000007FEF63EC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2504-37-0x000007FEF5A00000-0x000007FEF63EC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2504-38-0x0000000001D30000-0x0000000001D3A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2504-39-0x000007FEF5A00000-0x000007FEF63EC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2504-40-0x000007FEF5A00000-0x000007FEF63EC000-memory.dmp

    Filesize

    9.9MB

    Download