Overview

overview

10

Static

static

10

a6b7e1f8d9...13.exe

windows7-x64

10

a6b7e1f8d9...13.exe

windows10-2004-x64

10

a6d91e550d...6e.exe

windows7-x64

7

a6d91e550d...6e.exe

windows10-2004-x64

7

a72cdbd8e2...ad.exe

windows7-x64

10

a72cdbd8e2...ad.exe

windows10-2004-x64

10

a731427f52...04.exe

windows7-x64

6

a731427f52...04.exe

windows10-2004-x64

6

a73951d873...67.exe

windows7-x64

10

a73951d873...67.exe

windows10-2004-x64

10

a74be4d5e7...73.exe

windows7-x64

10

a74be4d5e7...73.exe

windows10-2004-x64

10

a77ff4e4dd...87.exe

windows7-x64

10

a77ff4e4dd...87.exe

windows10-2004-x64

10

a799e456ff...88.exe

windows7-x64

10

a799e456ff...88.exe

windows10-2004-x64

10

a7c49036eb...95.exe

windows7-x64

3

a7c49036eb...95.exe

windows10-2004-x64

3

a7d8553ba6...a8.exe

windows7-x64

7

a7d8553ba6...a8.exe

windows10-2004-x64

7

a7e953c880...28.exe

windows7-x64

10

a7e953c880...28.exe

windows10-2004-x64

10

a7ead69ceb...a3.exe

windows7-x64

9

a7ead69ceb...a3.exe

windows10-2004-x64

9

a7ec6d64b2...db.exe

windows7-x64

1

a7ec6d64b2...db.exe

windows10-2004-x64

1

a7fd5ae1f0...f8.exe

windows7-x64

10

a7fd5ae1f0...f8.exe

windows10-2004-x64

10

a884e586e0...e0.exe

windows7-x64

10

a884e586e0...e0.exe

windows10-2004-x64

10

a8b0399c70...33.exe

windows7-x64

10

a8b0399c70...33.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/03/2025, 06:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a6d91e550d33f9f64c5e292e47013b055f721bbc1865d3bfa5d89fe7f840586e.exe

  • Size

    7.9MB

  • MD5

    581f750f1076c31896606b8bd1a3265e

  • SHA1

    23e2a2b8b3ac67c75477621008f6d736cbc3ca7b

  • SHA256

    a6d91e550d33f9f64c5e292e47013b055f721bbc1865d3bfa5d89fe7f840586e

  • SHA512

    b0297edc8c5c0f81c277fa6d39bcf3677c6ea4b16651657704fb11e90da803deb3986527ee2601e9b0c1665cdbf209c9bdf0586451a7a3da3acc134aa1f9a655

  • SSDEEP

    196608:M9sGLbd7rEWWn87E3QeotSqrG8YqcIXcZZBB:MmqbhrEbn87eZsFmq+d

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a6d91e550d33f9f64c5e292e47013b055f721bbc1865d3bfa5d89fe7f840586e.exe
    "C:\Users\Admin\AppData\Local\Temp\a6d91e550d33f9f64c5e292e47013b055f721bbc1865d3bfa5d89fe7f840586e.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1868
    • C:\Users\Admin\AppData\Local\Temp\C8BxQ5.exe
      QzpcVXNlcnNcQWRtaW5cQXBwRGF0YVxMb2NhbFxUZW1wXGE2ZDkxZTU1MGQzM2Y5ZjY0YzVlMjkyZTQ3MDEzYjA1NWY3MjFiYmMxODY1ZDNiZmE1ZDg5ZmU3Zjg0MDU4NmUuZXhl 41
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      PID:4724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\C8BxQ5.exe
    Filesize

    7.9MB

    MD5

    2728538eca485069e474a88a180b9f6b

    SHA1

    f69fe0446dccd1938d6cbb458767f073a07a0faa

    SHA256

    f9a14c10cf4a5284df6effe939b99fb1bd233fee62d33f38876fc45e454b0b29

    SHA512

    a9b04de41789b7fb8fb1727d65eeab4e4ca2b4a313be5d7621e71a6e9ababb35fa8940edc2eb44317ac51f2bf5fcbb9c81ae03e97a3d66535f34e1d874005980

    Download Submit

  • memory/1868-0-0x00007FFB1A863000-0x00007FFB1A865000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1868-1-0x0000029256800000-0x0000029257B12000-memory.dmp

    Filesize

    19.1MB

    Download

  • memory/1868-2-0x00007FFB1A860000-0x00007FFB1B321000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1868-13-0x00007FFB1A860000-0x00007FFB1B321000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4724-20-0x000002009E060000-0x000002009E06E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4724-18-0x00000200A1E20000-0x00000200A1E28000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4724-15-0x00007FFB1A860000-0x00007FFB1B321000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4724-16-0x000002009DA70000-0x000002009DA78000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4724-17-0x000002009DA60000-0x000002009DA70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4724-12-0x00007FFB1A860000-0x00007FFB1B321000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4724-19-0x000002009E090000-0x000002009E0C8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4724-14-0x0000020080AF0000-0x0000020081E02000-memory.dmp

    Filesize

    19.1MB

    Download

  • memory/4724-23-0x00000200A2630000-0x00000200A30B6000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/4724-24-0x00007FFB393D0000-0x00007FFB393D2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4724-25-0x00000200A2630000-0x00000200A30B6000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/4724-27-0x00000200A2630000-0x00000200A30B6000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/4724-28-0x00000200A2630000-0x00000200A30B6000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/4724-30-0x00007FFB1A860000-0x00007FFB1B321000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4724-31-0x00007FFB1A860000-0x00007FFB1B321000-memory.dmp

    Filesize

    10.8MB

    Download