Overview

overview

10

Static

static

10

2/VirusSha...8d.exe

windows10-2004-x64

3

2/VirusSha...fa.exe

windows10-2004-x64

3

2/VirusSha...c8.doc

windows10-2004-x64

10

2/VirusSha...03.doc

windows10-2004-x64

1

2/VirusSha...40.pdf

windows10-2004-x64

3

2/wedding.apk

android-9-x86

2/wedding.apk

android-10-x64

2/wedding.apk

android-11-x64

Analysis

  • max time kernel
    104s
  • max time network
    112s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250410-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250410-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/04/2025, 00:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2/VirusShare_01b55404de50bd1a56343b2f316ff88d.exe

  • Size

    121KB

  • MD5

    01b55404de50bd1a56343b2f316ff88d

  • SHA1

    8a6b9599d3e71c83eaef7f5a23df21b4f41370b1

  • SHA256

    69bd652ace6469311a49a12f66bbbc691bdfc69aba958dd02d928464cbb46609

  • SHA512

    f1ec4bf6768dea2edc53c72dd7c884641a464f4268d21480bb55fbdb1079b8c5c9fb50eab4b29d13acb4a8682ca6ae291341e01b748e228b185676e48df2e598

  • SSDEEP

    3072:JrhJGtDfYtWAh3A8lKl+/63VBwxkbwQXz8lFTnc:JrhJoDfY13KE/qVlNYvnc

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2\VirusShare_01b55404de50bd1a56343b2f316ff88d.exe
    "C:\Users\Admin\AppData\Local\Temp\2\VirusShare_01b55404de50bd1a56343b2f316ff88d.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    PID:3720

Network

MITRE ATT&CK Enterprise v16

Replay Monitor

Loading Replay Monitor...

Downloads