Overview

overview

10

Static

static

CACF8655A7...2B.exe

windows7-x64

10

CACF8655A7...2B.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-10-2022 17:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CACF8655A767034B75770412018127F044B6543A6432B.exe

  • Size

    404KB

  • MD5

    c3401b50b3b292190403579fc6322d1a

  • SHA1

    abf34a111a328bc7605f0d12d5906ea0630afa27

  • SHA256

    cacf8655a767034b75770412018127f044b6543a6432b9d616042a5385dd062d

  • SHA512

    6b5183393fed60ce7b58c69f7a1f43b106cddf548ae3d97d431cdf4a4c21b2b24edf4f45bd610112a4eac339aeb6299368abd754f9ba67610df1b1087c3c929a

  • SSDEEP

    12288:orm6+9Ogo3md7AUuxk39R17uIhIp2VZc:I+pyw39R17u72

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CACF8655A767034B75770412018127F044B6543A6432B.exe
    "C:\Users\Admin\AppData\Local\Temp\CACF8655A767034B75770412018127F044B6543A6432B.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:5068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5068-132-0x00000000006DD000-0x000000000070A000-memory.dmp

    Filesize

    180KB

    Download

  • memory/5068-133-0x00000000004F0000-0x000000000052A000-memory.dmp

    Filesize

    232KB

    Download

  • memory/5068-134-0x0000000004C00000-0x00000000051A4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/5068-135-0x0000000000400000-0x000000000047C000-memory.dmp

    Filesize

    496KB

    Download

  • memory/5068-136-0x00000000051E0000-0x00000000057F8000-memory.dmp

    Filesize

    6.1MB

    Download

  • memory/5068-137-0x0000000005810000-0x0000000005822000-memory.dmp

    Filesize

    72KB

    Download

  • memory/5068-138-0x0000000005830000-0x000000000593A000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/5068-139-0x00000000059A0000-0x00000000059DC000-memory.dmp

    Filesize

    240KB

    Download

  • memory/5068-140-0x00000000006DD000-0x000000000070A000-memory.dmp

    Filesize

    180KB

    Download

  • memory/5068-141-0x00000000004F0000-0x000000000052A000-memory.dmp

    Filesize

    232KB

    Download