Overview

overview

10

Static

static

10

31f1b1e7a8...10.exe

windows7-x64

1

31f1b1e7a8...10.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250129-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250129-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-02-2025 16:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    31f1b1e7a8fbcfbc8e2ed8ee89a7d4bd5829d4c7371d6cb6d372833160477410.exe

  • Size

    1.6MB

  • MD5

    347e7a975426fbe27238df0b282a85de

  • SHA1

    1ca267d78cd653cab1696257f05e77cc2de73bb9

  • SHA256

    31f1b1e7a8fbcfbc8e2ed8ee89a7d4bd5829d4c7371d6cb6d372833160477410

  • SHA512

    c5c647e42b2abfd7b54514b973520d88d4406e8725e1003820ea6b9999b4af397412a5d4efe7dd5653e218e14e64fcaf4818ba6b30b010b13a1d9e41ede6d2f5

  • SSDEEP

    24576:r0yOdKnqj9MNrOoThmBZTsl3WaPECkDtGQjnEd7DSVXT5X1hnH:gSqj9MxOt83J/kwonPXT5X1hH

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\31f1b1e7a8fbcfbc8e2ed8ee89a7d4bd5829d4c7371d6cb6d372833160477410.exe
    "C:\Users\Admin\AppData\Local\Temp\31f1b1e7a8fbcfbc8e2ed8ee89a7d4bd5829d4c7371d6cb6d372833160477410.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4324-0-0x00007FFEFAF03000-0x00007FFEFAF05000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4324-1-0x000001913C5F0000-0x000001913C624000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4324-2-0x00007FFEFAF00000-0x00007FFEFB9C1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4324-3-0x00007FFEFAF00000-0x00007FFEFB9C1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4324-4-0x00007FFEFAF00000-0x00007FFEFB9C1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4324-5-0x00007FFEFAF00000-0x00007FFEFB9C1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4324-6-0x00007FFEFAF00000-0x00007FFEFB9C1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4324-7-0x000001915A950000-0x000001915A958000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4324-8-0x000001915A9D0000-0x000001915AA08000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4324-9-0x000001915A9A0000-0x000001915A9AE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4324-22-0x00007FFEFAF03000-0x00007FFEFAF05000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4324-23-0x00007FFEFAF00000-0x00007FFEFB9C1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4324-24-0x00007FFEFAF00000-0x00007FFEFB9C1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4324-25-0x00007FFEFAF00000-0x00007FFEFB9C1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4324-26-0x00007FFEFAF00000-0x00007FFEFB9C1000-memory.dmp

    Filesize

    10.8MB

    Download