Overview

overview

10

Static

static

10

8acff6e2bf...2a.exe

windows7-x64

1

8acff6e2bf...2a.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-01-2025 19:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a.exe

  • Size

    1.3MB

  • MD5

    b81e7d0306b862c7ab16e0fa15d0f970

  • SHA1

    26c38ba3aa68e8b87f0c5b413a11b31ee1cfdeb0

  • SHA256

    8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a

  • SHA512

    3b1f1eb65b666f0de7700ad8eaad3e452f270dc6be54f3a7020ab350f1122fc077c80f790226428caf51b67ca258b1293f162ca9ed457e8a03f5991017535247

  • SSDEEP

    24576:VcR2GXFIM2a3bSMMCwBLIMz0ts+l0GDSVXT5XwSzd0pE3x/yam:iVIM2qbSMMCwrJLXT5X9KIx1m

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a.exe
    "C:\Users\Admin\AppData\Local\Temp\8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1840

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1840-0-0x00007FF81EA33000-0x00007FF81EA35000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1840-1-0x0000022B9CCB0000-0x0000022B9CCE4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1840-2-0x00007FF81EA30000-0x00007FF81F4F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1840-3-0x00007FF81EA30000-0x00007FF81F4F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1840-4-0x00007FF81EA30000-0x00007FF81F4F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1840-5-0x00007FF81EA30000-0x00007FF81F4F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1840-6-0x00007FF81EA30000-0x00007FF81F4F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1840-7-0x0000022BB71F0000-0x0000022BB71F8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1840-9-0x0000022BB7430000-0x0000022BB743E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/1840-8-0x0000022BBACE0000-0x0000022BBAD18000-memory.dmp

    Filesize

    224KB

    Download

  • memory/1840-22-0x00007FF81EA33000-0x00007FF81EA35000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1840-23-0x00007FF81EA30000-0x00007FF81F4F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1840-24-0x00007FF81EA30000-0x00007FF81F4F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1840-25-0x00007FF81EA30000-0x00007FF81F4F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1840-26-0x00007FF81EA30000-0x00007FF81F4F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1840-27-0x00007FF81EA30000-0x00007FF81F4F1000-memory.dmp

    Filesize

    10.8MB

    Download