Overview

overview

10

Static

static

10

81de2861fa...73.exe

windows7-x64

1

81de2861fa...73.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250217-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/03/2025, 05:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    81de2861fa69abf9c7689a3d8206db5035493e42de90189ab53cc6aff575eb73.exe

  • Size

    1.3MB

  • MD5

    5025771d877847470936e0a2c6b21596

  • SHA1

    3589468c831433262a6d81ebd859a7f0d87131d0

  • SHA256

    81de2861fa69abf9c7689a3d8206db5035493e42de90189ab53cc6aff575eb73

  • SHA512

    b5d471b88517b5f2610092ab541ecb1842090479cca207f28df24f10e6b7d881d49879c3616d904665e0fa8646732cbadc909b7b3a8455a650ef8da478e49f58

  • SSDEEP

    24576:ZplYF+P0gT6o5LPSSaELhw+4D1eNDSVXT5XAhNGyai:byFA0gT62LWEtwP1eSXT5XAhNG1i

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\81de2861fa69abf9c7689a3d8206db5035493e42de90189ab53cc6aff575eb73.exe
    "C:\Users\Admin\AppData\Local\Temp\81de2861fa69abf9c7689a3d8206db5035493e42de90189ab53cc6aff575eb73.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4736-0-0x00007FFC1E203000-0x00007FFC1E205000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4736-1-0x000001CD784B0000-0x000001CD784E4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4736-2-0x00007FFC1E200000-0x00007FFC1ECC1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4736-3-0x00007FFC1E200000-0x00007FFC1ECC1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4736-4-0x00007FFC1E200000-0x00007FFC1ECC1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4736-5-0x00007FFC1E200000-0x00007FFC1ECC1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4736-6-0x00007FFC1E200000-0x00007FFC1ECC1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4736-7-0x000001CD79010000-0x000001CD79018000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4736-9-0x000001CD79020000-0x000001CD7902E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4736-8-0x000001CD7E860000-0x000001CD7E898000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4736-22-0x00007FFC1E203000-0x00007FFC1E205000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4736-23-0x00007FFC1E200000-0x00007FFC1ECC1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4736-24-0x00007FFC1E200000-0x00007FFC1ECC1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4736-25-0x00007FFC1E200000-0x00007FFC1ECC1000-memory.dmp

    Filesize

    10.8MB

    Download