Analysis
-
max time kernel
40s -
max time network
48s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
29-09-2022 12:38
General
-
Target
Trojan-Ransom.Win32.Zerber.gdcx-4a8031fc97753e95eb440a1f0f100ddcfbca0bca0bb2271dbc775e129282f304.exe
-
Size
148KB
-
MD5
3ce563e899291b59fa8c57c98cad9b4e
-
SHA1
7157cc9cf910735727b6601ad4d532cdd0fedc7e
-
SHA256
4a8031fc97753e95eb440a1f0f100ddcfbca0bca0bb2271dbc775e129282f304
-
SHA512
827dc0e9f9212ec0d4c1e8c7180c33d387548f7de6d0b45a2eef01f22f69ee571d3f2f8b610b8f671f4b25abaa578431ce758a5e41740e7b8c63ca85ef953469
-
SSDEEP
3072:/UuL1hDewdkuaLYO/IBK2btFVL1xTevRUyZDDdnN5:/Ue1hyioVgBhnNPK5FZD5n
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Trojan-Ransom.Win32.Zerber.gdcx-4a8031fc97753e95eb440a1f0f100ddcfbca0bca0bb2271dbc775e129282f304.exe"C:\Users\Admin\AppData\Local\Temp\Trojan-Ransom.Win32.Zerber.gdcx-4a8031fc97753e95eb440a1f0f100ddcfbca0bca0bb2271dbc775e129282f304.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1640-54-0x0000000000B10000-0x0000000000B3C000-memory.dmpFilesize
176KB
-
memory/1640-55-0x0000000000550000-0x0000000000566000-memory.dmpFilesize
88KB
-
memory/1640-56-0x0000000000560000-0x0000000000566000-memory.dmpFilesize
24KB
-
memory/1640-57-0x000000001AD00000-0x000000001AD38000-memory.dmpFilesize
224KB