Analysis

  • max time kernel
    143s
  • max time network
    177s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system
  • submitted
    04/10/2022, 02:53

General

  • Target

    ae9d185c95b4440e662d28f519a9f2fe61477e088cd11028f35c970dc015b731.exe

  • Size

    7KB

  • MD5

    68c1c3d5d1d0a5ff2c7951c5a0087228

  • SHA1

    4fa75a7a1dd5697195a2f36d5b1a6c15eb2fb93e

  • SHA256

    ae9d185c95b4440e662d28f519a9f2fe61477e088cd11028f35c970dc015b731

  • SHA512

    252b4a299b1ae70cc10714f1e6f90f6cb88f1a73f8b8b3b623ab69005a929288a6ee51eff51419c8ad3472eb35cbdb67ab0aaba9b54482515830673a7439e360

  • SSDEEP

    96:2XsbGf+kbIY6boyloS9mMjibSl218zvKGUYVzNt:mGmpCKav

Score
7/10

Malware Config

Signatures

  • Drops startup file 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ae9d185c95b4440e662d28f519a9f2fe61477e088cd11028f35c970dc015b731.exe
    "C:\Users\Admin\AppData\Local\Temp\ae9d185c95b4440e662d28f519a9f2fe61477e088cd11028f35c970dc015b731.exe"
    • Drops startup file
    • Suspicious use of AdjustPrivilegeToken
    PID:2040

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2040-132-0x0000000074E30000-0x00000000753E1000-memory.dmp

    Filesize

    5.7MB

  • memory/2040-133-0x0000000074E30000-0x00000000753E1000-memory.dmp

    Filesize

    5.7MB