Overview

overview

10

Static

static

1b64551d98...b8.exe

windows7-x64

1

1b64551d98...b8.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    18/10/2022, 04:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    1b64551d984bdaffeabf6a04fece8c92784ebe08f64254dac9630a4b754c22b8.exe

  • Size

    6KB

  • MD5

    e50afa71c3a883dfb7ace4f22f4b6e96

  • SHA1

    6b076f4da5557502c87f248db804d456ee7a686f

  • SHA256

    1b64551d984bdaffeabf6a04fece8c92784ebe08f64254dac9630a4b754c22b8

  • SHA512

    f20bf1418519c9076c7bd5ff83814e5ceb75f7bd2a72769de427458990be9f06b254249a3b3319e1e7816b052eaa44a340bee8e38febad2d7a96ac3d1a83e1ab

  • SSDEEP

    96:Jr3ozMTIj78gVY40N9R02aBhkuifY5KW1YdaKNDc6NyWejFnU:d36rY/9i2whkuCY1ANLB

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1b64551d984bdaffeabf6a04fece8c92784ebe08f64254dac9630a4b754c22b8.exe
    "C:\Users\Admin\AppData\Local\Temp\1b64551d984bdaffeabf6a04fece8c92784ebe08f64254dac9630a4b754c22b8.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1048

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1048-54-0x0000000000840000-0x0000000000848000-memory.dmp

          Filesize

          32KB

          Download

        • memory/1048-55-0x0000000076171000-0x0000000076173000-memory.dmp

          Filesize

          8KB

          Download