Overview

overview

10

Static

static

SecuriteIn...24.exe

windows7-x64

1

SecuriteIn...24.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    60s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220718-en
  • resource tags

    arch:x64arch:x86image:win7-20220718-enlocale:en-usos:windows7-x64system
  • submitted
    08-08-2022 03:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.W32.AIDetectNet.01.7624.exe

  • Size

    1.0MB

  • MD5

    a80a2a5f4aaee7c7df7f01ca7a919080

  • SHA1

    17dc830d904c56709e910c193be53927b2783516

  • SHA256

    817eb88f299a32c9937d45886b978c2fcee619c756d4daf33af39604432064f0

  • SHA512

    ff5f2808d8252a707c8e7b11a67290d0dac0a6e2d45a717c02384a6240b74e4910bc8497349589c1813122f0c8e49b49dc8a9653b1e9d06b8c970e46aa81e751

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 9 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2004
    • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe
      "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe"
      2⤵
        PID:1244
      • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe
        "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe"
        2⤵
          PID:1264
        • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe
          "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe"
          2⤵
            PID:1172
          • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe
            "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe"
            2⤵
              PID:1348
            • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe
              "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.AIDetectNet.01.7624.exe"
              2⤵
                PID:1184

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/2004-54-0x0000000000350000-0x0000000000460000-memory.dmp
              Filesize

              1.1MB

              Download
            • memory/2004-55-0x00000000760F1000-0x00000000760F3000-memory.dmp
              Filesize

              8KB

              Download
            • memory/2004-56-0x00000000006C0000-0x00000000006E0000-memory.dmp
              Filesize

              128KB

              Download
            • memory/2004-57-0x00000000007E0000-0x00000000007EC000-memory.dmp
              Filesize

              48KB

              Download
            • memory/2004-58-0x0000000007E60000-0x0000000007EEA000-memory.dmp
              Filesize

              552KB

              Download
            • memory/2004-59-0x00000000021A5000-0x00000000021B6000-memory.dmp
              Filesize

              68KB

              Download
            • memory/2004-60-0x0000000005110000-0x0000000005160000-memory.dmp
              Filesize

              320KB

              Download
            • memory/2004-61-0x00000000021A5000-0x00000000021B6000-memory.dmp
              Filesize

              68KB

              Download