Overview

overview

10

Static

static

10

fe366d4655...a7.exe

windows7_x64

1

fe366d4655...a7.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    142s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    15-02-2022 04:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fe366d465529880c7acc45f37268f9013172008ff3b5903c3aecfc90b08a80a7.exe

  • Size

    1.4MB

  • MD5

    921e404df10785d495eb902bc95edea2

  • SHA1

    f5b83383a848666aa1c86452cb7145d6d5b0a381

  • SHA256

    fe366d465529880c7acc45f37268f9013172008ff3b5903c3aecfc90b08a80a7

  • SHA512

    efad99adf754418a2a25dfdd35e7da95ae3284bfc18781575c4050c7b403d3d4de21c6b29d42b82af79ddff3c983d68285c0be64d4cdcc9aa62610081fe4b469

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fe366d465529880c7acc45f37268f9013172008ff3b5903c3aecfc90b08a80a7.exe
    "C:\Users\Admin\AppData\Local\Temp\fe366d465529880c7acc45f37268f9013172008ff3b5903c3aecfc90b08a80a7.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1668

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1668-55-0x000007FEF5933000-0x000007FEF5934000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1668-56-0x00000000025C2000-0x00000000025C4000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1668-57-0x0000000000140000-0x000000000017E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/1668-58-0x00000000025C4000-0x00000000025C6000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1668-59-0x00000000025C6000-0x00000000025C7000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1668-60-0x00000000025C7000-0x00000000025C8000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1668-61-0x00000000025CC000-0x00000000025EB000-memory.dmp

    Filesize

    124KB

    Download