Overview

overview

1

Static

static

2039f1b55d...4f.exe

windows7-x64

1

2039f1b55d...4f.exe

windows10-2004-x64

1

Resubmissions

16/10/2022, 11:23

221016-nhgk8ahdck 1

16/10/2022, 10:58

221016-m26tsahdb8 3

Analysis

  • max time kernel
    92s
  • max time network
    176s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/10/2022, 11:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2039f1b55d261941a513fe9acd5948730e05f3b91a9897eb0823786bde51484f.exe

  • Size

    3.3MB

  • MD5

    edcd4d186bca6d2445dc5c538887f6f4

  • SHA1

    cafadb80c28d5696cba4a8838df3b96f1b50ce0e

  • SHA256

    2039f1b55d261941a513fe9acd5948730e05f3b91a9897eb0823786bde51484f

  • SHA512

    46959471524ac8e437e6b30027c0c85d5f15a8328c0b75c40f5d56631f8b1d54e3198492be16727189cfc420315b4b7f394a0aaf4d66117b28da6d713c8e60c5

  • SSDEEP

    98304:8VkX17jT3r34lTi7VVzmeaFEfmXgpAH6PB:8VkpTboliHmeaC+Xgg6PB

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2039f1b55d261941a513fe9acd5948730e05f3b91a9897eb0823786bde51484f.exe
    "C:\Users\Admin\AppData\Local\Temp\2039f1b55d261941a513fe9acd5948730e05f3b91a9897eb0823786bde51484f.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3172

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3172-132-0x000002EBCE5C0000-0x000002EBCE91A000-memory.dmp

    Filesize

    3.4MB

    Download

  • memory/3172-133-0x00007FFF78310000-0x00007FFF78DD1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3172-134-0x000002EBCEC80000-0x000002EBCEC9A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/3172-135-0x00007FFF78310000-0x00007FFF78DD1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3172-136-0x000002EBE9E50000-0x000002EBE9E62000-memory.dmp

    Filesize

    72KB

    Download

  • memory/3172-137-0x000002EBED6D0000-0x000002EBEDB9C000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/3172-138-0x00007FFF964D0000-0x00007FFF966C5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3172-139-0x00007FFF95350000-0x00007FFF9540E000-memory.dmp

    Filesize

    760KB

    Download

  • memory/3172-140-0x00007FFF93C20000-0x00007FFF93EE9000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/3172-141-0x00007FFF95060000-0x00007FFF9510C000-memory.dmp

    Filesize

    688KB

    Download

  • memory/3172-142-0x00007FFF78310000-0x00007FFF78DD1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3172-143-0x00007FFF964D0000-0x00007FFF966C5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3172-145-0x00007FFF93C20000-0x00007FFF93EE9000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/3172-144-0x00007FFF95350000-0x00007FFF9540E000-memory.dmp

    Filesize

    760KB

    Download

  • memory/3172-146-0x00007FFF95060000-0x00007FFF9510C000-memory.dmp

    Filesize

    688KB

    Download