Overview

overview

10

Static

static

10

bb97ac5503...ad.exe

windows7-x64

1

bb97ac5503...ad.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-01-2025 21:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bb97ac5503eb3ed943cb1ddb812b44ee9152fd665e86bfbc249762741d0b4dad.exe

  • Size

    1.7MB

  • MD5

    49389bf32935a08083f40abc03d3d31d

  • SHA1

    a5f60a69076c277270c752f2ea070c9e388fefd6

  • SHA256

    bb97ac5503eb3ed943cb1ddb812b44ee9152fd665e86bfbc249762741d0b4dad

  • SHA512

    3087b7a8d234b0865ba8c8e994438a628300890a4be7dac6a27293e4d9af3304438dab8703d284f1455d75d1c94daf1a9cdad2b5a25af59bd9acee61fccb4fc8

  • SSDEEP

    24576:oSuJjPefpdAZuizPWI11u8ab9ILFh2J9kc5yOArDSVXT5Xo2cya8:oSiPeorzPWJ88yuu8XT5X418

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bb97ac5503eb3ed943cb1ddb812b44ee9152fd665e86bfbc249762741d0b4dad.exe
    "C:\Users\Admin\AppData\Local\Temp\bb97ac5503eb3ed943cb1ddb812b44ee9152fd665e86bfbc249762741d0b4dad.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3124

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3124-1-0x00000182F1D50000-0x00000182F1D84000-memory.dmp

    Filesize

    208KB

    Download

  • memory/3124-0-0x00007FFD352C3000-0x00007FFD352C5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3124-2-0x00007FFD352C0000-0x00007FFD35D81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3124-3-0x00007FFD352C0000-0x00007FFD35D81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3124-4-0x00007FFD352C0000-0x00007FFD35D81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3124-5-0x00007FFD352C0000-0x00007FFD35D81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3124-6-0x00007FFD352C0000-0x00007FFD35D81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3124-7-0x00000182F80A0000-0x00000182F80A8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3124-9-0x00000182F80F0000-0x00000182F80FE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/3124-8-0x00000182F8120000-0x00000182F8158000-memory.dmp

    Filesize

    224KB

    Download

  • memory/3124-22-0x00007FFD352C0000-0x00007FFD35D81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3124-23-0x00007FFD352C3000-0x00007FFD352C5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3124-24-0x00007FFD352C0000-0x00007FFD35D81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3124-25-0x00007FFD352C0000-0x00007FFD35D81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3124-26-0x00007FFD352C0000-0x00007FFD35D81000-memory.dmp

    Filesize

    10.8MB

    Download