Overview

overview

10

Static

static

10

2515f1bc60...6c.exe

windows7-x64

1

2515f1bc60...6c.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250129-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250129-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-02-2025 07:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2515f1bc60dbd7f3fad5c75238157176059f6673bdcf0e70d74761a8c024286c.exe

  • Size

    1.3MB

  • MD5

    8835a4f0a11c88a918eb7dbbfe8ab799

  • SHA1

    1c5e8d911b8bf243063859a2d5203509054c2bda

  • SHA256

    2515f1bc60dbd7f3fad5c75238157176059f6673bdcf0e70d74761a8c024286c

  • SHA512

    1bb57f726509e409838851d812294b3f52e1acfd61cdb1792f0f852a2e573cd34ae5e88088d9677c901b0c8ce2e7abdd3661c339e55f2d46d1e0455bcfdd861d

  • SSDEEP

    24576:Si7+6O3GUHh3++9qSpQs/D9AENl0/13Yya3DSVXT5XuOJY:Sh3NHh3L9/D9A609I1EXT5X9JY

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2515f1bc60dbd7f3fad5c75238157176059f6673bdcf0e70d74761a8c024286c.exe
    "C:\Users\Admin\AppData\Local\Temp\2515f1bc60dbd7f3fad5c75238157176059f6673bdcf0e70d74761a8c024286c.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2932-0-0x00007FFC582A3000-0x00007FFC582A5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2932-1-0x00000218DD3B0000-0x00000218DD3E4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2932-2-0x00007FFC582A0000-0x00007FFC58D61000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2932-3-0x00007FFC582A0000-0x00007FFC58D61000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2932-4-0x00007FFC582A0000-0x00007FFC58D61000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2932-5-0x00007FFC582A0000-0x00007FFC58D61000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2932-6-0x00007FFC582A0000-0x00007FFC58D61000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2932-7-0x00000218F5ED0000-0x00000218F5ED8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2932-9-0x00000218F5EF0000-0x00000218F5EFE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2932-8-0x00000218F7880000-0x00000218F78B8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2932-22-0x00007FFC582A3000-0x00007FFC582A5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2932-23-0x00007FFC582A0000-0x00007FFC58D61000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2932-24-0x00007FFC582A0000-0x00007FFC58D61000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2932-25-0x00007FFC582A0000-0x00007FFC58D61000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2932-26-0x00007FFC582A0000-0x00007FFC58D61000-memory.dmp

    Filesize

    10.8MB

    Download