Overview

overview

10

Static

static

10

649ba1961a...ab.exe

windows7-x64

1

649ba1961a...ab.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    131s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250129-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250129-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-02-2025 14:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    649ba1961a5e12dd1b35d1d8aab80da7941b8d25ba2e2a794322b24d6400f8ab.exe

  • Size

    1.4MB

  • MD5

    678956d14ae033f6c4ae1de17c1d4a09

  • SHA1

    df37d0b9352758ce2433090bc9b2e4881969d19f

  • SHA256

    649ba1961a5e12dd1b35d1d8aab80da7941b8d25ba2e2a794322b24d6400f8ab

  • SHA512

    55abca7d7289e5470f711dcb01784c27abfb8e3738c12cdd8cdc78d5cdb9ce5fe841204e99795692babbeafbe4ad04c895c9d7eb88403e7e77df52bf94ed1229

  • SSDEEP

    24576:8tFS4j1cVPdZ8bBHeNxfMCrMhvHyZkno8DSdAqKWbJ7s:eriVabB+NeCANRofV7s

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\649ba1961a5e12dd1b35d1d8aab80da7941b8d25ba2e2a794322b24d6400f8ab.exe
    "C:\Users\Admin\AppData\Local\Temp\649ba1961a5e12dd1b35d1d8aab80da7941b8d25ba2e2a794322b24d6400f8ab.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:404

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/404-0-0x00007FFD825B3000-0x00007FFD825B5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/404-1-0x0000017EFAC50000-0x0000017EFAC8E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/404-2-0x00007FFD825B0000-0x00007FFD83071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/404-5-0x00007FFD825B0000-0x00007FFD83071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/404-6-0x00007FFD825B0000-0x00007FFD83071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/404-8-0x00007FFD825B0000-0x00007FFD83071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/404-20-0x00007FFD825B0000-0x00007FFD83071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/404-21-0x00007FFD825B3000-0x00007FFD825B5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/404-22-0x00007FFD825B0000-0x00007FFD83071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/404-23-0x00007FFD825B0000-0x00007FFD83071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/404-24-0x00007FFD825B0000-0x00007FFD83071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/404-25-0x00007FFD825B0000-0x00007FFD83071000-memory.dmp

    Filesize

    10.8MB

    Download