Analysis

  • max time kernel
    8s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-10-2022 05:36

General

  • Target

    5ea4a54b8778bef69dcfd4ea080e3fc7077a82797cdaa8ff60ac2214d3485248.exe

  • Size

    400KB

  • MD5

    937f2c33de9e38de79ad30ce7fc74705

  • SHA1

    cd58f0511142c588049dee66c3047b88bb57806d

  • SHA256

    5ea4a54b8778bef69dcfd4ea080e3fc7077a82797cdaa8ff60ac2214d3485248

  • SHA512

    aa3f1635783df2bdaf344129a925e1b4c6e4af7776f7b9c9a04610a775b2760c79177fad8acf3c5c833d28b7bc5dfd058eb86758debd13826afd01d13ea4fdcc

  • SSDEEP

    6144:m+5SY2+5yZzoW4Hm7XdTqr1+LC87iiFLd1//KSkl8aIrA6mJOl:lQVbz9qrcb7jtdlkNyoOl

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5ea4a54b8778bef69dcfd4ea080e3fc7077a82797cdaa8ff60ac2214d3485248.exe
    "C:\Users\Admin\AppData\Local\Temp\5ea4a54b8778bef69dcfd4ea080e3fc7077a82797cdaa8ff60ac2214d3485248.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1364

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1364-54-0x0000000075091000-0x0000000075093000-memory.dmp

    Filesize

    8KB

  • memory/1364-55-0x0000000000400000-0x00000000004A7000-memory.dmp

    Filesize

    668KB

  • memory/1364-59-0x0000000001D70000-0x0000000001DF4000-memory.dmp

    Filesize

    528KB