Overview

overview

10

Static

static

18df9b7984...56.exe

windows7-x64

1

18df9b7984...56.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    8s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    22-10-2022 05:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    18df9b798468c239fe3464bb550d69d29ff61bbe7e782f15d7e9cf19811b5d56.exe

  • Size

    356KB

  • MD5

    33243e0b29de23e7b0e502d430b19687

  • SHA1

    dea165f93de851c2e916b5ca849b21f459369dcc

  • SHA256

    18df9b798468c239fe3464bb550d69d29ff61bbe7e782f15d7e9cf19811b5d56

  • SHA512

    074cc4d64f2d20e423fde5d3dfc3a518b41a0f34eed73cadf3a9a924262e2848dbc8dfce5ffda6da4e3bdd71abeacde6fe83a6e2d626cb6ad71802473810651c

  • SSDEEP

    6144:WnuEzhHd/Opk3p1JWsjCLmwRHbN4mjc5SWH6NJBZwb9:+th9NJWsjDwR7NvjcSdNJBZw

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\18df9b798468c239fe3464bb550d69d29ff61bbe7e782f15d7e9cf19811b5d56.exe
    "C:\Users\Admin\AppData\Local\Temp\18df9b798468c239fe3464bb550d69d29ff61bbe7e782f15d7e9cf19811b5d56.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1324-54-0x00000000752B1000-0x00000000752B3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1324-55-0x0000000000400000-0x000000000049D000-memory.dmp

    Filesize

    628KB

    Download

  • memory/1324-59-0x00000000004F0000-0x0000000000576000-memory.dmp

    Filesize

    536KB

    Download