Overview

overview

10

Static

static

0f9532e3cd...8b.exe

windows7_x64

10

0f9532e3cd...8b.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    128s
  • max time network
    60s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    30-06-2022 19:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0f9532e3cdaff695203ef2cf8fb3f3f77699ce2876c227bc0cb7745c72b31c8b.exe

  • Size

    482KB

  • MD5

    c7157320dce16a831cc69973e5fa7c3d

  • SHA1

    401273717f470926d024fb36abe6411cbfdd0840

  • SHA256

    0f9532e3cdaff695203ef2cf8fb3f3f77699ce2876c227bc0cb7745c72b31c8b

  • SHA512

    096095e178ea6be6872c4f2aa974aa7186d2b3d1685092cd48d92183d4fe723e478862362e094ab4d39931553b9ee77296322ec509831f5ec90128499291ba44

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0f9532e3cdaff695203ef2cf8fb3f3f77699ce2876c227bc0cb7745c72b31c8b.exe
    "C:\Users\Admin\AppData\Local\Temp\0f9532e3cdaff695203ef2cf8fb3f3f77699ce2876c227bc0cb7745c72b31c8b.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4652

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4652-130-0x0000000000A00000-0x0000000000A7E000-memory.dmp
    Filesize

    504KB

    Download
  • memory/4652-131-0x0000000005400000-0x000000000549C000-memory.dmp
    Filesize

    624KB

    Download
  • memory/4652-132-0x0000000005AC0000-0x0000000006064000-memory.dmp
    Filesize

    5.6MB

    Download
  • memory/4652-133-0x0000000005670000-0x0000000005702000-memory.dmp
    Filesize

    584KB

    Download
  • memory/4652-134-0x0000000005610000-0x000000000561A000-memory.dmp
    Filesize

    40KB

    Download
  • memory/4652-135-0x00000000011E0000-0x0000000001246000-memory.dmp
    Filesize

    408KB

    Download