Overview

overview

10

Static

static

10

5f039af1a6...91.exe

windows7-x64

7

5f039af1a6...91.exe

windows10-2004-x64

7

5f176e85cd...29.exe

windows7-x64

3

5f176e85cd...29.exe

windows10-2004-x64

3

5f59a08b97...d7.exe

windows7-x64

10

5f59a08b97...d7.exe

windows10-2004-x64

10

5f6bf86507...dd.exe

windows7-x64

10

5f6bf86507...dd.exe

windows10-2004-x64

10

5f7cc3cf60...7b.exe

windows7-x64

8

5f7cc3cf60...7b.exe

windows10-2004-x64

8

5f9e580111...ab.exe

windows7-x64

1

5f9e580111...ab.exe

windows10-2004-x64

1

5fb355ac6b...33.exe

windows7-x64

10

5fb355ac6b...33.exe

windows10-2004-x64

10

5fbe4073ad...bc.exe

windows7-x64

1

5fbe4073ad...bc.exe

windows10-2004-x64

1

6025a03430...45.exe

windows7-x64

10

6025a03430...45.exe

windows10-2004-x64

10

603d00b49e...6c.exe

windows7-x64

1

603d00b49e...6c.exe

windows10-2004-x64

1

605e7762c4...0f.exe

windows7-x64

10

605e7762c4...0f.exe

windows10-2004-x64

10

6062c88bd6...c6.exe

windows7-x64

10

6062c88bd6...c6.exe

windows10-2004-x64

8

6099cb8be8...c1.exe

windows7-x64

8

6099cb8be8...c1.exe

windows10-2004-x64

10

60cefc41a3...23.exe

windows7-x64

10

60cefc41a3...23.exe

windows10-2004-x64

10

612990113a...02.exe

windows7-x64

10

612990113a...02.exe

windows10-2004-x64

10

6135280278...33.exe

windows7-x64

10

6135280278...33.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/03/2025, 06:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5f039af1a66a3a9d97e5a98931ecadfa8190980e54a6b78f09df47faa4615d91.exe

  • Size

    7.9MB

  • MD5

    da1364870c95f396ea84ac60afdab146

  • SHA1

    d5e023d34954e0d7e32575cf79049a7c64688456

  • SHA256

    5f039af1a66a3a9d97e5a98931ecadfa8190980e54a6b78f09df47faa4615d91

  • SHA512

    b6a8827705fda917b0ef6297d37979799f7ca29e9236381b57a7f6bd95b7ede836efa8056851f260706796caf3d6b6d910326fbee209aa85ab5986bdb2f9d536

  • SSDEEP

    196608:M9sGLbd7rEWWn87E3QeotSqrG8YqcIXcZZB2:MmqbhrEbn87eZsFmq+6

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5f039af1a66a3a9d97e5a98931ecadfa8190980e54a6b78f09df47faa4615d91.exe
    "C:\Users\Admin\AppData\Local\Temp\5f039af1a66a3a9d97e5a98931ecadfa8190980e54a6b78f09df47faa4615d91.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:216
    • C:\Users\Admin\AppData\Local\Temp\QvLT7qk.exe
      QzpcVXNlcnNcQWRtaW5cQXBwRGF0YVxMb2NhbFxUZW1wXDVmMDM5YWYxYTY2YTNhOWQ5N2U1YTk4OTMxZWNhZGZhODE5MDk4MGU1NGE2Yjc4ZjA5ZGY0N2ZhYTQ2MTVkOTEuZXhl 2
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      PID:1500

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\QvLT7qk.exe
    Filesize

    7.9MB

    MD5

    3d33a91f2ea28d17fa38872ae508969e

    SHA1

    3f3322e823c5a8b9316f406c7900aae2405cae09

    SHA256

    93574ab73601a389b73642ac7746c0fae0377a08c0ffde447a182ff407f204d6

    SHA512

    a2a3d99323299978eae41ac8d42ecaf475e6af59dad95c6f15745745355e759cf716d1d6d0500d5560b80601d53143e4b0e814d4ee677d67d1ee1b2227bec680

    Download Submit

  • memory/216-12-0x00007FFA875B0000-0x00007FFA88071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/216-1-0x000001BF66CE0000-0x000001BF67FF2000-memory.dmp

    Filesize

    19.1MB

    Download

  • memory/216-2-0x00007FFA875B0000-0x00007FFA88071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/216-0-0x00007FFA875B3000-0x00007FFA875B5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1500-18-0x000002867EC40000-0x000002867EC48000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1500-19-0x000002867FA70000-0x000002867FAA8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/1500-15-0x00007FFA875B0000-0x00007FFA88071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1500-16-0x0000028679EC0000-0x0000028679EC8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1500-17-0x0000028679EB0000-0x0000028679EC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1500-13-0x00007FFA875B0000-0x00007FFA88071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1500-20-0x000002867FA30000-0x000002867FA3E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/1500-14-0x000002865E760000-0x000002865FA72000-memory.dmp

    Filesize

    19.1MB

    Download

  • memory/1500-22-0x0000028600370000-0x0000028600DF6000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/1500-24-0x00007FFAA6030000-0x00007FFAA6032000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1500-27-0x0000028600370000-0x0000028600DF6000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/1500-26-0x0000028600370000-0x0000028600DF6000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/1500-28-0x0000028600370000-0x0000028600DF6000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/1500-30-0x00007FFA875B0000-0x00007FFA88071000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1500-31-0x00007FFA875B0000-0x00007FFA88071000-memory.dmp

    Filesize

    10.8MB

    Download