Overview

overview

10

Static

static

10

f9511ba7a0...ef.exe

windows7-x64

1

f9511ba7a0...ef.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    27-01-2025 21:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f9511ba7a0047028d244daa9d7d7b34601d228c4109388aeee681f598c1616ef.exe

  • Size

    1.7MB

  • MD5

    f548df00ec5b9814ab70d93cfe121286

  • SHA1

    3e0083679fc7023c0c5258a0f935c871c1831d77

  • SHA256

    f9511ba7a0047028d244daa9d7d7b34601d228c4109388aeee681f598c1616ef

  • SHA512

    f375cef5a840d2cda7c90f96c9bea009939419ed5e47e8da7c2a4e85def234a835ec601984900f63286d2cf056d3350236dca9632a2bd8aad3457240daa9581b

  • SSDEEP

    24576:29lqJmnR6/nWS8SzWScSoSjOXf9wlEGIIspdd/a9UZBb4YLKDSVXT5XDbOU3yaO:2WJGGBOXRGFaTxLfXT5X/Oa1O

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f9511ba7a0047028d244daa9d7d7b34601d228c4109388aeee681f598c1616ef.exe
    "C:\Users\Admin\AppData\Local\Temp\f9511ba7a0047028d244daa9d7d7b34601d228c4109388aeee681f598c1616ef.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2760

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2760-0-0x000007FEF63D3000-0x000007FEF63D4000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2760-1-0x0000000000350000-0x0000000000384000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2760-2-0x000007FEF63D0000-0x000007FEF6DBC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2760-3-0x000007FEF63D0000-0x000007FEF6DBC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2760-4-0x000007FEF63D0000-0x000007FEF6DBC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2760-5-0x000007FEF63D0000-0x000007FEF6DBC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2760-6-0x00000000003A0000-0x00000000003AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2760-7-0x00000000003A0000-0x00000000003AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2760-8-0x000007FEF63D0000-0x000007FEF6DBC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2760-12-0x000007FEF63D0000-0x000007FEF6DBC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2760-31-0x000007FEF63D3000-0x000007FEF63D4000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2760-32-0x000007FEF63D0000-0x000007FEF6DBC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2760-33-0x000007FEF63D0000-0x000007FEF6DBC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2760-34-0x000007FEF63D0000-0x000007FEF6DBC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2760-35-0x00000000003A0000-0x00000000003AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2760-36-0x00000000003A0000-0x00000000003AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2760-37-0x000007FEF63D0000-0x000007FEF6DBC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2760-38-0x000007FEF63D0000-0x000007FEF6DBC000-memory.dmp

    Filesize

    9.9MB

    Download