Overview

overview

7

Static

static

27808282d4...4e.exe

windows7-x64

7

27808282d4...4e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2022 00:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    27808282d4cd2b5b108aa7ae83f7d02e7923e2a938fbafcf38b5d9c71cf48f4e.exe

  • Size

    51KB

  • MD5

    6880d84da82e928dbb47347a10856194

  • SHA1

    456d7df67ecbda0ccf4a5af42ddb5d849afcf651

  • SHA256

    27808282d4cd2b5b108aa7ae83f7d02e7923e2a938fbafcf38b5d9c71cf48f4e

  • SHA512

    7e84871c9b926153d082c762635b36939fc567ae53bac3e83f4fa2637b41897d0710087da2488ca9cbb80168174c94adb640776228aef14a629b7e86f55dda49

  • SSDEEP

    1536:NXo3QCi1o/atK/DDNTDZbjgHJyxOW0sjh/ZGLRE:ho3Ri1o/atK//OTU

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\27808282d4cd2b5b108aa7ae83f7d02e7923e2a938fbafcf38b5d9c71cf48f4e.exe
    "C:\Users\Admin\AppData\Local\Temp\27808282d4cd2b5b108aa7ae83f7d02e7923e2a938fbafcf38b5d9c71cf48f4e.exe"
    1⤵
    • Loads dropped DLL
    PID:1472
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x570
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\bassmod.dll
    Filesize

    9KB

    MD5

    780d14604d49e3c634200c523def8351

    SHA1

    e208ef6f421d2260070a9222f1f918f1de0a8eeb

    SHA256

    844eb66a10b848d3a71a8c63c35f0a01550a46d2ff8503e2ca8947978b03b4d2

    SHA512

    a49c030f11da8f0cdc4205c86bec00653ec2f8899983cad9d7195fd23255439291aaec5a7e128e1a103efd93b8566e86f15af89eba4efebf9debce14a7a5564b

    Download Submit

  • memory/1472-54-0x0000000074C11000-0x0000000074C13000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1472-55-0x0000000000400000-0x0000000000410000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1472-57-0x0000000000400000-0x0000000000410000-memory.dmp

    Filesize

    64KB

    Download