Resubmissions
23-12-2021 18:27  211223-w315csccej  10
23-12-2021 18:26  211223-w3h9jsccdq  1
22-12-2021 14:59  211222-sc3zgsgcgr  10
Analysis
max time kernel: 16s
max time network: 18s
platform: windows7_x64
resource: win7-en-20211208
submitted: 23-12-2021 18:26
Static task
static1
Behavioral task
behavioral1
Sample
4b6a6c7ec55b989c2c3fbf8f637b1d465a512ebd.exe
Resource
win7-en-20211208
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
4b6a6c7ec55b989c2c3fbf8f637b1d465a512ebd.exe
Resource
win10-en-20211208
0 signatures
0 seconds
General
Target: 4b6a6c7ec55b989c2c3fbf8f637b1d465a512ebd.exe
Size: 2.3MB
MD5: cf11336d198c7034cb4e2a28c04d8898
SHA1: 50363fb0351f85d10faa9fd2729129f8753ab60f
SHA256: 892fe797710cbdda052f494e1979a339c14f96220d3d1a7c51d4f28ef47385de
SHA512: a35a642a5aaa42b446b480ae63b9cddf3da4ef3720e71e65092ac36c497956cff06587da171145e53b189cb0ff10b65925e21eeb7ba15c38ad8920533099a43c
Score: 1/10
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes: 4b6a6c7ec55b989c2c3fbf8f637b1d465a512ebd.exe
description: Token: SeDebugPrivilege
pid: 840
process: 4b6a6c7ec55b989c2c3fbf8f637b1d465a512ebd.exe
Downloads
memory/840-55-0x00000000010E0000-0x000000000133A000-memory.dmp  Filesize: 2.4MB
memory/840-54-0x00000000010E0000-0x000000000133A000-memory.dmp  Filesize: 2.4MB
memory/840-56-0x0000000076491000-0x0000000076493000-memory.dmp  Filesize: 8KB
memory/840-57-0x0000000000F40000-0x0000000000F41000-memory.dmp  Filesize: 4KB
memory/840-58-0x0000000005DD0000-0x0000000005FF2000-memory.dmp  Filesize: 2.1MB