Overview

overview

10

Static

static

10

14b4b0fd0b...1b.exe

windows7-x64

1

14b4b0fd0b...1b.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-01-2025 05:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    14b4b0fd0b1322cd5fbdee597d9b48c2577874eaa229715d6f75cb1f99ed231b.exe

  • Size

    1.1MB

  • MD5

    4de741741fcddc5d268a2a230b87fda3

  • SHA1

    42aed54e97e6fd5244679f5523ea12233d8b5608

  • SHA256

    14b4b0fd0b1322cd5fbdee597d9b48c2577874eaa229715d6f75cb1f99ed231b

  • SHA512

    28a844a04855c821a043c32ea44f8bcca7cb3e3019a89d63bdee8fb0f2de6b476abda60303af9c529a5167b4db25fbdb04ed0643aa966b17ee721e099a44d702

  • SSDEEP

    24576:DFFvPMPN3fQOJ8RU7f9DoobVRMxI8sgbJ73DSpS:P3K3fQa8ubFv3sIPgV7R

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\14b4b0fd0b1322cd5fbdee597d9b48c2577874eaa229715d6f75cb1f99ed231b.exe
    "C:\Users\Admin\AppData\Local\Temp\14b4b0fd0b1322cd5fbdee597d9b48c2577874eaa229715d6f75cb1f99ed231b.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4996-0-0x00007FFCD4143000-0x00007FFCD4145000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4996-3-0x000001785F4D0000-0x000001785F500000-memory.dmp

    Filesize

    192KB

    Download

  • memory/4996-6-0x00007FFCD4140000-0x00007FFCD4C01000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4996-7-0x00007FFCD4140000-0x00007FFCD4C01000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4996-8-0x00007FFCD4140000-0x00007FFCD4C01000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4996-9-0x00007FFCD4140000-0x00007FFCD4C01000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4996-10-0x0000017879A00000-0x0000017879A08000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4996-11-0x00007FFCD4140000-0x00007FFCD4C01000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4996-12-0x0000017879A50000-0x0000017879A88000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4996-13-0x0000017879A10000-0x0000017879A1E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4996-26-0x00007FFCD4143000-0x00007FFCD4145000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4996-27-0x00007FFCD4140000-0x00007FFCD4C01000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4996-28-0x00007FFCD4140000-0x00007FFCD4C01000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4996-29-0x00007FFCD4140000-0x00007FFCD4C01000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4996-30-0x00007FFCD4140000-0x00007FFCD4C01000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4996-31-0x00007FFCD4140000-0x00007FFCD4C01000-memory.dmp

    Filesize

    10.8MB

    Download