Analysis

  • max time kernel
    91s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system
  • submitted
    19-10-2022 15:27

General

  • Target

    14efa0467eb3da8391f9c8dc53f6d8ba800805aa76ecc4b3c3958eeba7da3d9e.exe

  • Size

    10KB

  • MD5

    a17d9c2f1196e85b1e8d0eea964a28c0

  • SHA1

    240116d086eb0b54b4d8330673ad770ba4bd5b1f

  • SHA256

    14efa0467eb3da8391f9c8dc53f6d8ba800805aa76ecc4b3c3958eeba7da3d9e

  • SHA512

    0ddf615e2f690aa060b4979ef05ea234a651b0eb412e2894e2f24d5b412b13d4f34abb969887598f8b832a8238ad05b88c48d93b6986dfeae915ff3df51eefab

  • SSDEEP

    192:6YsPzR7cmB613KzbYKbziCK2gzNm7sGRo4zBE00Dr:FkgDxKzb5bzikgzNm7sGRxz6XD

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\14efa0467eb3da8391f9c8dc53f6d8ba800805aa76ecc4b3c3958eeba7da3d9e.exe
    "C:\Users\Admin\AppData\Local\Temp\14efa0467eb3da8391f9c8dc53f6d8ba800805aa76ecc4b3c3958eeba7da3d9e.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2628

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2628-132-0x0000000074EC0000-0x0000000075471000-memory.dmp

    Filesize

    5.7MB

  • memory/2628-133-0x0000000074EC0000-0x0000000075471000-memory.dmp

    Filesize

    5.7MB