Overview

overview

10

Static

static

10

8dd3c5a063...c8.exe

windows7-x64

1

8dd3c5a063...c8.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28-01-2025 18:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8dd3c5a0631a6a91b2c3127a1ad3be5f60e4dad1b63df639c798ab8f72991ec8.exe

  • Size

    1.7MB

  • MD5

    aa9302592015d61e1fc0a18caf613b4e

  • SHA1

    5818301b82b43fd5fa1b851eef474ad370642073

  • SHA256

    8dd3c5a0631a6a91b2c3127a1ad3be5f60e4dad1b63df639c798ab8f72991ec8

  • SHA512

    b3794030d5e48a2ca2d62c38680643a20a03907cc887d55502f2f4be01972de883beb3d2f82ed0f7f32bf61ec6ff1f4a6973580881390504b41cc52a3d53c51b

  • SSDEEP

    24576:oSuJjPefpdAZuizPWI11u8ab9ILFh2J9kc5yOArDSVXT5Xo2cyaq:oSiPeorzPWJ88yuu8XT5X41q

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8dd3c5a0631a6a91b2c3127a1ad3be5f60e4dad1b63df639c798ab8f72991ec8.exe
    "C:\Users\Admin\AppData\Local\Temp\8dd3c5a0631a6a91b2c3127a1ad3be5f60e4dad1b63df639c798ab8f72991ec8.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3044-0-0x000007FEF58B3000-0x000007FEF58B4000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3044-1-0x0000000001C80000-0x0000000001CB4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/3044-2-0x000007FEF58B0000-0x000007FEF629C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3044-3-0x000007FEF58B0000-0x000007FEF629C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3044-4-0x000007FEF58B0000-0x000007FEF629C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3044-6-0x0000000002170000-0x000000000217A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3044-7-0x000007FEF58B0000-0x000007FEF629C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3044-5-0x0000000002170000-0x000000000217A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3044-11-0x000007FEF58B0000-0x000007FEF629C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3044-34-0x000007FEF58B3000-0x000007FEF58B4000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3044-35-0x000007FEF58B0000-0x000007FEF629C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3044-36-0x000007FEF58B0000-0x000007FEF629C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3044-37-0x000007FEF58B0000-0x000007FEF629C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3044-38-0x0000000002170000-0x000000000217A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3044-39-0x0000000002170000-0x000000000217A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3044-40-0x000007FEF58B0000-0x000007FEF629C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/3044-41-0x000007FEF58B0000-0x000007FEF629C000-memory.dmp

    Filesize

    9.9MB

    Download