Overview

overview

10

Static

static

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    45s
  • max time network
    48s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    16-09-2022 10:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e79572b925992e2c01e4e47c83a2d3796cb2fab7eb716d146f4551ecb5e95024.exe

  • Size

    71KB

  • MD5

    1a9a8f5167110e1fbc55ab294d1ce876

  • SHA1

    3c3ea653a37eff8b2b4214a4c6ecca3de5f33e99

  • SHA256

    e79572b925992e2c01e4e47c83a2d3796cb2fab7eb716d146f4551ecb5e95024

  • SHA512

    7ec52829af747146fe1fbc74e15d0919687a3a08f0b6e3371a8c0ba446373a1748883d4452702a65f32f2740a4167eed1b18e11fa8c900fec7255e47356dd277

  • SSDEEP

    768:FpaTRtS/y3YNYHFqJe4cplUf3/281s8TnJbR8YcdX2t3Ux4sbDZ+kAwl0dBKvl:+TmkDlqJJcc281s8dbRxZpGDb1HAwr9

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e79572b925992e2c01e4e47c83a2d3796cb2fab7eb716d146f4551ecb5e95024.exe
    "C:\Users\Admin\AppData\Local\Temp\e79572b925992e2c01e4e47c83a2d3796cb2fab7eb716d146f4551ecb5e95024.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:536

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/536-54-0x0000000000940000-0x0000000000958000-memory.dmp

    Filesize

    96KB

    Download

  • memory/536-55-0x0000000000500000-0x0000000000506000-memory.dmp

    Filesize

    24KB

    Download

  • memory/536-56-0x0000000075B11000-0x0000000075B13000-memory.dmp

    Filesize

    8KB

    Download