a2ed54b7599915b79022ef37a72c20c7c5c2673b66bb0b08e4f435dd961332e4

Analysis

max time kernel
121s
max time network
125s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
06-02-2025 07:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ZAMDOST_230-ZT-2025_Oryginał_4_pdf .exe
Size

10KB
MD5

0dcd8fec15008f65cf8e9bb63d1b9e8f
SHA1

0971537d92bea47b1a362c043b86e72c0e409ddc
SHA256

2aaec088fcb6aad10489c469a1808dade264b9b19f0654fc82a37ec9af36b266
SHA512

8bac17357f5a2b0273d226ae3e193ab1473bc078b04b3a62077c61908827509aefbeea89bff7672cce9094ac17725335bb5f3f9b9bdb0f399530956bb0fb4271
SSDEEP

96:wdSSh0JE5Ooo7SSLLLXtyUruatvzrUUR1I7HMkExzF7MjJ5NX6MzNt:wSJE5Ot7jLPXrruapz7as7wl5NK2

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2904	ZAMDOST_230-ZT-2025_Oryginał_4_pdf .exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	2904	ZAMDOST_230-ZT-2025_Oryginał_4_pdf .exe
Token: SeDebugPrivilege	2904	ZAMDOST_230-ZT-2025_Oryginał_4_pdf .exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2904 wrote to memory of 4740	2904	ZAMDOST_230-ZT-2025_Oryginał_4_pdf .exe	30
PID 2904 wrote to memory of 4740	2904	ZAMDOST_230-ZT-2025_Oryginał_4_pdf .exe	30
PID 2904 wrote to memory of 4740	2904	ZAMDOST_230-ZT-2025_Oryginał_4_pdf .exe	30

C:\Users\Admin\AppData\Local\Temp\ZAMDOST_230-ZT-2025_Oryginał_4_pdf .exe
"C:\Users\Admin\AppData\Local\Temp\ZAMDOST_230-ZT-2025_Oryginał_4_pdf .exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2904
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2904 -s 888
  2⤵
  PID:4740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2904-0-0x000007FEF6BB3000-0x000007FEF6BB4000-memory.dmp

Filesize
4KB

Download
memory/2904-1-0x0000000000920000-0x0000000000926000-memory.dmp

Filesize
24KB

Download
memory/2904-2-0x000007FEF6BB0000-0x000007FEF759C000-memory.dmp

Filesize
9.9MB

Download
memory/2904-3-0x000000001DAC0000-0x000000001DBC8000-memory.dmp

Filesize
1.0MB

Download
memory/2904-9-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-4-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-5-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-7-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-11-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-13-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-15-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-17-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-19-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-21-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-37-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-39-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-35-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-33-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-29-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-27-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-25-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-23-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-41-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-43-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-45-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-47-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-49-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-51-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-53-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-57-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-31-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-68-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-1326-0x000007FEF6BB3000-0x000007FEF6BB4000-memory.dmp

Filesize
4KB

Download
memory/2904-1327-0x000007FEF6BB0000-0x000007FEF759C000-memory.dmp

Filesize
9.9MB

Download
memory/2904-65-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-63-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-61-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-59-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-55-0x000000001DAC0000-0x000000001DBC2000-memory.dmp

Filesize
1.0MB

Download
memory/2904-1328-0x000007FEF6BB0000-0x000007FEF759C000-memory.dmp

Filesize
9.9MB

Download
memory/2904-1329-0x0000000000710000-0x0000000000772000-memory.dmp

Filesize
392KB

Download
memory/2904-1330-0x00000000008B0000-0x0000000000910000-memory.dmp

Filesize
384KB

Download
memory/2904-1331-0x0000000002230000-0x000000000227C000-memory.dmp

Filesize
304KB

Download
memory/2904-1332-0x000007FEF6BB0000-0x000007FEF759C000-memory.dmp

Filesize
9.9MB

Download
memory/2904-1333-0x000007FEF6BB0000-0x000007FEF759C000-memory.dmp

Filesize
9.9MB

Download
memory/2904-1334-0x000007FEF6BB0000-0x000007FEF759C000-memory.dmp

Filesize
9.9MB

Download
memory/2904-1335-0x000007FEF6BB0000-0x000007FEF759C000-memory.dmp

Filesize
9.9MB

Download
memory/2904-1336-0x0000000002280000-0x00000000022D4000-memory.dmp

Filesize
336KB

Download
memory/2904-1337-0x000007FEF6BB0000-0x000007FEF759C000-memory.dmp

Filesize
9.9MB

Download
memory/2904-1338-0x000007FEF6BB0000-0x000007FEF759C000-memory.dmp

Filesize
9.9MB

Download