91cd8bfbe714acc43beff32856c3d56ded48706d3c92c492a1acb994b606003b | Triage

Analysis

max time kernel
1783s
max time network
1818s
platform
windows7_x64
resource
win7-en-20211208
submitted
16-02-2022 17:24

Sharing

Report Analysis Logs

General

Target

all/clickers/mangoclicker.exe
Size

937KB
MD5

091aabf897476d2d6e82fd0fc21a394b
SHA1

f531eda1a001a9cfc9191c1d8a4048c61ee53393
SHA256

6c9708fcb2729df27a7d92dc2573fd9ea9c518a8b53a103ca597dfbea398236a
SHA512

bc386b500631f756521b3cf0b05605c16e3edc21f0fbaf90faf6ccf3a2bad2caf33ac7c5d736c8be3d549c7c13db37730aeab9b859fed864e0f1c5126a4fdbd9

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

mangoclicker.exe

description pid process

Token: SeDebugPrivilege 1616 mangoclicker.exe

C:\Users\Admin\AppData\Local\Temp\all\clickers\mangoclicker.exe
"C:\Users\Admin\AppData\Local\Temp\all\clickers\mangoclicker.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1616

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1616-55-0x000007FEF4C33000-0x000007FEF4C34000-memory.dmp

Filesize
4KB

Download
memory/1616-56-0x0000000000E40000-0x0000000000F2E000-memory.dmp

Filesize
952KB

Download
memory/1616-57-0x0000000002590000-0x0000000002656000-memory.dmp

Filesize
792KB

Download
memory/1616-58-0x0000000002430000-0x0000000002432000-memory.dmp

Filesize
8KB

Download