Analysis

  • max time kernel
    8s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-10-2022 03:46

General

  • Target

    79ba3129456095cb130aab3b2fc6e840a6c12b7af06b4120013c6899321ef627.exe

  • Size

    424KB

  • MD5

    d313ccc04176d6084de172cb8aa91a3a

  • SHA1

    1c661ef24338246e08f8266c4b4a5a877de33138

  • SHA256

    79ba3129456095cb130aab3b2fc6e840a6c12b7af06b4120013c6899321ef627

  • SHA512

    5a74833990e3a1bd0db33d782e1197b59dc0ea01aee90cf71dd64c9801967655d4e5e454e055c119f99d6fdcd0c143bab5c86b238e4d36a1370d0c48071e079c

  • SSDEEP

    12288:BtTSCpL5xUCSss7sgHi10WtdCW083blCJxfS6:TTSUHUCS/diqW2gOR1

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\79ba3129456095cb130aab3b2fc6e840a6c12b7af06b4120013c6899321ef627.exe
    "C:\Users\Admin\AppData\Local\Temp\79ba3129456095cb130aab3b2fc6e840a6c12b7af06b4120013c6899321ef627.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:1504

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1504-54-0x00000000768A1000-0x00000000768A3000-memory.dmp

    Filesize

    8KB

  • memory/1504-55-0x0000000000400000-0x00000000004AD000-memory.dmp

    Filesize

    692KB

  • memory/1504-59-0x0000000000370000-0x00000000003F5000-memory.dmp

    Filesize

    532KB