Overview

overview

10

Static

static

10

63bc6776b7...3b.exe

windows7-x64

10

63bc6776b7...3b.exe

windows10-2004-x64

10

641434cfae...75.exe

windows7-x64

10

641434cfae...75.exe

windows10-2004-x64

10

642fefb64c...0c.exe

windows7-x64

10

642fefb64c...0c.exe

windows10-2004-x64

10

6433ad2b9d...59.exe

windows7-x64

10

6433ad2b9d...59.exe

windows10-2004-x64

10

64402f0d8e...c0.exe

windows7-x64

10

64402f0d8e...c0.exe

windows10-2004-x64

10

6443d92f8c...ff.exe

windows7-x64

10

6443d92f8c...ff.exe

windows10-2004-x64

10

647ab91c93...52.exe

windows7-x64

1

647ab91c93...52.exe

windows10-2004-x64

10

64a6177287...fd.exe

windows7-x64

1

64a6177287...fd.exe

windows10-2004-x64

1

64cb9bc958...bf.exe

windows7-x64

3

64cb9bc958...bf.exe

windows10-2004-x64

3

64d77182d5...9a.exe

windows7-x64

10

64d77182d5...9a.exe

windows10-2004-x64

10

64f4533af0...b2.exe

windows7-x64

10

64f4533af0...b2.exe

windows10-2004-x64

10

650411faaa...82.exe

windows7-x64

10

650411faaa...82.exe

windows10-2004-x64

10

65099e4d1a...a3.exe

windows7-x64

7

65099e4d1a...a3.exe

windows10-2004-x64

7

6568e08910...e3.exe

windows7-x64

10

6568e08910...e3.exe

windows10-2004-x64

10

656d929530...ab.exe

windows7-x64

10

656d929530...ab.exe

windows10-2004-x64

10

65720da539...b1.exe

windows7-x64

10

65720da539...b1.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/03/2025, 06:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    65099e4d1aa799000e529ebfb194fca3.exe

  • Size

    7.9MB

  • MD5

    65099e4d1aa799000e529ebfb194fca3

  • SHA1

    2138fa1dea5f14a60aa187a8a7e4420f33071517

  • SHA256

    4962734497a69d1a6ed08dd33ee7d855703b0fecea58d77cfb4974a43974d865

  • SHA512

    a1494b92d296d58b1f6b87a6c17884fa32b9cac458e0f7299ee1aba19c4171f0376bb9c0c666788798587e34151ff7a43777ca3fdb355b7cf59c1c81f8d5b159

  • SSDEEP

    196608:+9sGLbd7rEWWn87E3QeotSqrG8YqcIXcZZBW:+mqbhrEbn87eZsFmq+y

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\65099e4d1aa799000e529ebfb194fca3.exe
    "C:\Users\Admin\AppData\Local\Temp\65099e4d1aa799000e529ebfb194fca3.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1368
    • C:\Users\Admin\AppData\Local\Temp\rAcZk.exe
      QzpcVXNlcnNcQWRtaW5cQXBwRGF0YVxMb2NhbFxUZW1wXDY1MDk5ZTRkMWFhNzk5MDAwZTUyOWViZmIxOTRmY2EzLmV4ZQ== 16
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      PID:4528

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rAcZk.exe
    Filesize

    7.9MB

    MD5

    78a8a042e3ac79f51442ee376c37e5a1

    SHA1

    1ce98abdfe55ffbab410de640216dc2c2837d10a

    SHA256

    6f756ef17cff31fc8f7a5b609b3a811c2616a59107106312a4f61c1e4b2c1bd0

    SHA512

    5035a83af1be4805134a9f0c8b456c5b4e2de492b1706547083a7bf8cbef12752dbb7c69aa3796b29a8de82d3e53e7eba3eb98725e1e2603e79f16f73bcf42f9

    Download Submit

  • memory/1368-1-0x000001E04AEB0000-0x000001E04C1C2000-memory.dmp

    Filesize

    19.1MB

    Download

  • memory/1368-2-0x00007FF9E0630000-0x00007FF9E10F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1368-0-0x00007FF9E0633000-0x00007FF9E0635000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1368-12-0x00007FF9E0630000-0x00007FF9E10F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4528-16-0x000001892AAD0000-0x000001892AAD8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4528-19-0x0000018944CD0000-0x0000018944D08000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4528-15-0x00007FF9E0630000-0x00007FF9E10F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4528-13-0x00007FF9E0630000-0x00007FF9E10F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4528-17-0x000001892AAC0000-0x000001892AAD0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4528-18-0x0000018944C50000-0x0000018944C58000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4528-20-0x0000018944CA0000-0x0000018944CAE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4528-14-0x0000018927BC0000-0x0000018928ED2000-memory.dmp

    Filesize

    19.1MB

    Download

  • memory/4528-22-0x00000189491C0000-0x0000018949C46000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/4528-24-0x00007FF9FF030000-0x00007FF9FF032000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4528-26-0x00000189491C0000-0x0000018949C46000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/4528-27-0x00000189491C0000-0x0000018949C46000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/4528-29-0x00007FF9E0630000-0x00007FF9E10F1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4528-30-0x00007FF9E0630000-0x00007FF9E10F1000-memory.dmp

    Filesize

    10.8MB

    Download