Overview

overview

10

Static

static

10

8acff6e2bf...2a.exe

windows7-x64

1

8acff6e2bf...2a.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    27-01-2025 19:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a.exe

  • Size

    1.3MB

  • MD5

    b81e7d0306b862c7ab16e0fa15d0f970

  • SHA1

    26c38ba3aa68e8b87f0c5b413a11b31ee1cfdeb0

  • SHA256

    8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a

  • SHA512

    3b1f1eb65b666f0de7700ad8eaad3e452f270dc6be54f3a7020ab350f1122fc077c80f790226428caf51b67ca258b1293f162ca9ed457e8a03f5991017535247

  • SSDEEP

    24576:VcR2GXFIM2a3bSMMCwBLIMz0ts+l0GDSVXT5XwSzd0pE3x/yam:iVIM2qbSMMCwrJLXT5X9KIx1m

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a.exe
    "C:\Users\Admin\AppData\Local\Temp\8acff6e2bf910e782adc7c39ced514098e6ee4dfed57007bd732ff476c408b2a.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3040-0-0x000007FEF50C3000-0x000007FEF50C4000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3040-1-0x0000000000360000-0x0000000000394000-memory.dmp

    Filesize

    208KB

    Download

  • memory/3040-2-0x0000000000360000-0x0000000000394000-memory.dmp

    Filesize

    208KB

    Download

  • memory/3040-3-0x000007FEF50C0000-0x000007FEF5AAC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3040-4-0x000007FEF50C0000-0x000007FEF5AAC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3040-5-0x000007FEF50C0000-0x000007FEF5AAC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3040-7-0x0000000001C30000-0x0000000001C3A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3040-6-0x0000000001C30000-0x0000000001C3A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3040-8-0x000007FEF50C0000-0x000007FEF5AAC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3040-12-0x000007FEF50C0000-0x000007FEF5AAC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3040-31-0x000007FEF50C3000-0x000007FEF50C4000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3040-32-0x000007FEF50C0000-0x000007FEF5AAC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3040-33-0x000007FEF50C0000-0x000007FEF5AAC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3040-34-0x000007FEF50C0000-0x000007FEF5AAC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3040-35-0x0000000001C30000-0x0000000001C3A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3040-36-0x0000000001C30000-0x0000000001C3A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3040-37-0x000007FEF50C0000-0x000007FEF5AAC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3040-38-0x000007FEF50C0000-0x000007FEF5AAC000-memory.dmp

    Filesize

    9.9MB

    Download