Overview

overview

10

Static

static

10

6c6e1a802b...ac.exe

windows7-x64

1

6c6e1a802b...ac.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    01-02-2025 07:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6c6e1a802b3a9444c6fc59274e49f2a8522390f2a86a95b40e9a43882adb97ac.exe

  • Size

    2.0MB

  • MD5

    d70a789e5f5882e075e6065ba07adfeb

  • SHA1

    cb576d0fb8c00a276e3aa785080514037fa5ee12

  • SHA256

    6c6e1a802b3a9444c6fc59274e49f2a8522390f2a86a95b40e9a43882adb97ac

  • SHA512

    508c5af0629e8114558badc46342bc86d4a711a40bba81bd8f62ba41f612bdcef8983863dde962222de8c52ca35710229b6ce320fffdfe697d195faebd164fc5

  • SSDEEP

    49152:AVImnP3ObryxvZcaS39o1LsWO4iaXT5XeM1Y:A8OOaS36D5r1Y

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6c6e1a802b3a9444c6fc59274e49f2a8522390f2a86a95b40e9a43882adb97ac.exe
    "C:\Users\Admin\AppData\Local\Temp\6c6e1a802b3a9444c6fc59274e49f2a8522390f2a86a95b40e9a43882adb97ac.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2580

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2580-0-0x000007FEF5193000-0x000007FEF5194000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2580-1-0x0000000000140000-0x0000000000174000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2580-2-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2580-3-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2580-4-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2580-5-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2580-6-0x00000000001A0000-0x00000000001AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2580-7-0x00000000001A0000-0x00000000001AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2580-8-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2580-12-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2580-35-0x000007FEF5193000-0x000007FEF5194000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2580-36-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2580-37-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2580-38-0x00000000001A0000-0x00000000001AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2580-39-0x00000000001A0000-0x00000000001AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2580-40-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2580-41-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

    Filesize

    9.9MB

    Download