Analysis
-
max time kernel
4294181s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20220223-en -
submitted
02-03-2022 23:57
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.W32.Trojan.GVC.genEldorado.12191.exe
Resource
win7-20220223-en
windows7_x64
0 signatures
0 seconds
General
-
Target
SecuriteInfo.com.W32.Trojan.GVC.genEldorado.12191.exe
-
Size
2.5MB
-
MD5
b545e2b0fdf47667624c08999c0b873e
-
SHA1
da6f23f5a9fbd123025d6a2b9cd39c2355b7345c
-
SHA256
edb86e9c3d29b3d13c82562dc1aeb1cd7e2c33e2bfcbae30791bf1d1aaf4345f
-
SHA512
908dc1ec45f023e649b9de0cc7cf32f2a02a404012cf78c393dce2b8064350a3ab1b8e541a920a6fdb94a17d05547ad77a1eda6a4e1c204472cf71749e71bda2
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
SecuriteInfo.com.W32.Trojan.GVC.genEldorado.12191.exe
description | pid | process
Token: SeDebugPrivilege | 756 | SecuriteInfo.com.W32.Trojan.GVC.genEldorado.12191.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/756-54-0x0000000000040000-0x00000000002C0000-memory.dmp
Filesize
2.5MB
-
memory/756-55-0x0000000073F2E000-0x0000000073F2F000-memory.dmp
Filesize
4KB
-
memory/756-56-0x0000000004DB0000-0x0000000004DB1000-memory.dmp
Filesize
4KB
-
memory/756-57-0x0000000004DB5000-0x0000000004DC6000-memory.dmp
Filesize
68KB
-
memory/756-58-0x000000000A020000-0x000000000A16C000-memory.dmp
Filesize
1.3MB