Overview

overview

10

Static

static

10

a3bfb0c046...9f.exe

windows7-x64

1

a3bfb0c046...9f.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-01-2025 05:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a3bfb0c0467add2381d22bb5c3ff21c762f72d38aef9245a79bca8064e9dc79f.exe

  • Size

    1.7MB

  • MD5

    ef26cac5ace83ed51d369632bf8b8ee1

  • SHA1

    994556135628fe8c0d1b78971d4aa7976a2401f3

  • SHA256

    a3bfb0c0467add2381d22bb5c3ff21c762f72d38aef9245a79bca8064e9dc79f

  • SHA512

    b31d980e07ce37c726d3b5fd794fb777e6ecf1a82a5b2d0837aa11ab95dc9e3eb0be71fd66ed97cfa7fb6c13fd79be8b97e59f8baa9e4e84cb44ff250eb59afa

  • SSDEEP

    24576:vmQn8AtHx3OXiORxXpv9aRmqZhm9tChfKsKNDSVXT5XUjlkyar:vm8tHAXV3Xp2m6h0UfKszXT5XUjG1r

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a3bfb0c0467add2381d22bb5c3ff21c762f72d38aef9245a79bca8064e9dc79f.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bfb0c0467add2381d22bb5c3ff21c762f72d38aef9245a79bca8064e9dc79f.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4456

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4456-0-0x00007FF9A05F3000-0x00007FF9A05F5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4456-1-0x0000019D6FC50000-0x0000019D6FC84000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4456-2-0x00007FF9A05F0000-0x00007FF9A10B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4456-3-0x00007FF9A05F0000-0x00007FF9A10B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4456-4-0x00007FF9A05F0000-0x00007FF9A10B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4456-5-0x00007FF9A05F0000-0x00007FF9A10B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4456-7-0x00007FF9A05F0000-0x00007FF9A10B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4456-6-0x0000019D759B0000-0x0000019D759B8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4456-9-0x0000019D75FF0000-0x0000019D75FFE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4456-8-0x0000019D76030000-0x0000019D76068000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4456-22-0x00007FF9A05F3000-0x00007FF9A05F5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4456-23-0x00007FF9A05F0000-0x00007FF9A10B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4456-24-0x00007FF9A05F0000-0x00007FF9A10B1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4456-25-0x00007FF9A05F0000-0x00007FF9A10B1000-memory.dmp

    Filesize

    10.8MB

    Download