Analysis
-
max time kernel
147s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
02-07-2024 02:04
Static task
static1
Behavioral task
behavioral1
Sample
cc4b5d5653d7dafb9cda51793a15ee5d987b82d3e62e97b3915e5032e7ae4f8e.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
cc4b5d5653d7dafb9cda51793a15ee5d987b82d3e62e97b3915e5032e7ae4f8e.exe
Resource
win10v2004-20240508-en
General
-
Target
cc4b5d5653d7dafb9cda51793a15ee5d987b82d3e62e97b3915e5032e7ae4f8e.exe
-
Size
208KB
-
MD5
f362e538a7ba343bc0b263549c105623
-
SHA1
b70b3aae17c704cb571a9e03c27651c792b18f3b
-
SHA256
cc4b5d5653d7dafb9cda51793a15ee5d987b82d3e62e97b3915e5032e7ae4f8e
-
SHA512
cfc6c87e38dceb19803c921a115f10196807f87a3e040aadc1aae402c577584110fa60eb903a88bc3eedc2b17308a0043a477011061c7eb8d10ef324d3c9210a
-
SSDEEP
3072:5bQw54d0TZ0tShFwUPnS21mQbnc+BR0pKREX/WONBuwrhmc7U1iIyxpIhNXOXca3:mpdUZ0tu6uwrhmAZcrFsnLAg
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
cc4b5d5653d7dafb9cda51793a15ee5d987b82d3e62e97b3915e5032e7ae4f8e.exedescription pid process Token: SeDebugPrivilege 1644 cc4b5d5653d7dafb9cda51793a15ee5d987b82d3e62e97b3915e5032e7ae4f8e.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1644-0-0x00007FF980EF3000-0x00007FF980EF5000-memory.dmpFilesize
8KB
-
memory/1644-1-0x000001E1EC3A0000-0x000001E1EC3D8000-memory.dmpFilesize
224KB
-
memory/1644-2-0x00007FF980EF0000-0x00007FF9819B1000-memory.dmpFilesize
10.8MB
-
memory/1644-3-0x00007FF980EF3000-0x00007FF980EF5000-memory.dmpFilesize
8KB
-
memory/1644-4-0x00007FF980EF0000-0x00007FF9819B1000-memory.dmpFilesize
10.8MB