Overview

overview

10

Static

static

f4eb00edcb...d2.exe

windows7_x64

10

f4eb00edcb...d2.exe

windows10_x64

10

ee4355899a...0b.exe

windows7_x64

1

ee4355899a...0b.exe

windows10_x64

1

e5d61c0b7d...0f.exe

windows7_x64

10

e5d61c0b7d...0f.exe

windows10_x64

10

e2ffb8aeeb...f6.exe

windows7_x64

10

e2ffb8aeeb...f6.exe

windows10_x64

7

d965344c14...19.exe

windows7_x64

10

d965344c14...19.exe

windows10_x64

10

d097ca2583...22.exe

windows7_x64

10

d097ca2583...22.exe

windows10_x64

10

ca14b87b56...83.exe

windows7_x64

10

ca14b87b56...83.exe

windows10_x64

10

bc6dfe9ae5...09.exe

windows7_x64

3

bc6dfe9ae5...09.exe

windows10_x64

3

b645101f39...21.exe

windows7_x64

10

b645101f39...21.exe

windows10_x64

10

9c4880a98c...82.exe

windows7_x64

10

9c4880a98c...82.exe

windows10_x64

10

96c9fde298...34.exe

windows7_x64

10

96c9fde298...34.exe

windows10_x64

10

88e993e974...2f.exe

windows7_x64

10

88e993e974...2f.exe

windows10_x64

10

809ed9e2d0...41.exe

windows7_x64

10

809ed9e2d0...41.exe

windows10_x64

10

7dc7ca2414...84.exe

windows7_x64

10

7dc7ca2414...84.exe

windows10_x64

10

775338ae18...e4.exe

windows7_x64

10

775338ae18...e4.exe

windows10_x64

10

5cb26af890...00.exe

windows7_x64

10

5cb26af890...00.exe

windows10_x64

10

Analysis

  • max time kernel
    161s
  • max time network
    182s
  • platform
    windows7_x64
  • resource
    win7-en-20211104
  • submitted
    10-11-2021 15:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ee4355899a94ed5b369d8a8851d52ef2286c01af577e70bc82f43a5f4716fb0b.exe

  • Size

    8KB

  • MD5

    69f0fe993f6e63c9e7a2b739ec956e82

  • SHA1

    6f9a1b7a9fceac26722da17e204f57a47d7b66a5

  • SHA256

    ee4355899a94ed5b369d8a8851d52ef2286c01af577e70bc82f43a5f4716fb0b

  • SHA512

    1f81e0b8c3a5748a2aa47e02f8b1c1fc09e8d81871a607a148343ac3c579b82685f41eddf2070976a31aabccef0e70303c05d30e0c78c287a5c478c886185b1a

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ee4355899a94ed5b369d8a8851d52ef2286c01af577e70bc82f43a5f4716fb0b.exe
    "C:\Users\Admin\AppData\Local\Temp\ee4355899a94ed5b369d8a8851d52ef2286c01af577e70bc82f43a5f4716fb0b.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:320

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/320-55-0x0000000000B00000-0x0000000000B01000-memory.dmp
    Filesize

    4KB

    Download
  • memory/320-57-0x0000000002030000-0x0000000002032000-memory.dmp
    Filesize

    8KB

    Download