Overview

overview

10

Static

static

10

8acff6e2bf...2a.exe

windows7-x64

1

8acff6e2bf...2a.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    27-01-2025 19:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a.exe

  • Size

    1.3MB

  • MD5

    b81e7d0306b862c7ab16e0fa15d0f970

  • SHA1

    26c38ba3aa68e8b87f0c5b413a11b31ee1cfdeb0

  • SHA256

    8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a

  • SHA512

    3b1f1eb65b666f0de7700ad8eaad3e452f270dc6be54f3a7020ab350f1122fc077c80f790226428caf51b67ca258b1293f162ca9ed457e8a03f5991017535247

  • SSDEEP

    24576:VcR2GXFIM2a3bSMMCwBLIMz0ts+l0GDSVXT5XwSzd0pE3x/yam:iVIM2qbSMMCwrJLXT5X9KIx1m

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a.exe
    "C:\Users\Admin\AppData\Local\Temp\8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2584

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2584-0-0x000007FEF5523000-0x000007FEF5524000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2584-1-0x0000000000250000-0x0000000000284000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2584-2-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2584-3-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2584-4-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2584-5-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2584-6-0x0000000000290000-0x000000000029A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2584-7-0x0000000000290000-0x000000000029A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2584-8-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2584-12-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2584-32-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2584-36-0x000007FEF5523000-0x000007FEF5524000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2584-37-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2584-38-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2584-39-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2584-40-0x0000000000290000-0x000000000029A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2584-41-0x0000000000290000-0x000000000029A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2584-42-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2584-43-0x000007FEF5520000-0x000007FEF5F0C000-memory.dmp

    Filesize

    9.9MB

    Download