Overview

overview

10

Static

static

7e9dc695fa...cd.exe

windows7-x64

1

7e9dc695fa...cd.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    8s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    23-10-2022 05:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7e9dc695fa671680871d62dd8521b4833fcbfc00a4e5da792083b38c7870d7cd.exe

  • Size

    424KB

  • MD5

    7c40b634eede572b07ff7a01b58241e3

  • SHA1

    4100efcc1336945fad2de3dac21faa7056b1ba4c

  • SHA256

    7e9dc695fa671680871d62dd8521b4833fcbfc00a4e5da792083b38c7870d7cd

  • SHA512

    0b04c3e70b67cb6c5c2e3dcdc3c47efd1bfbbb8f12411577b6217cceb7359307485257ce017456865f12886018888904316aa51c2fe2c0451dc4b93dda046d3a

  • SSDEEP

    12288:EmM+X6gSTFp6q5ePiWkO1AeV5WhtblCJxfS6:zMq6gSTLj5f5O5u5OR1

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7e9dc695fa671680871d62dd8521b4833fcbfc00a4e5da792083b38c7870d7cd.exe
    "C:\Users\Admin\AppData\Local\Temp\7e9dc695fa671680871d62dd8521b4833fcbfc00a4e5da792083b38c7870d7cd.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1280

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1280-54-0x0000000075811000-0x0000000075813000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1280-55-0x0000000000400000-0x00000000004AD000-memory.dmp

    Filesize

    692KB

    Download

  • memory/1280-59-0x0000000001C40000-0x0000000001CC5000-memory.dmp

    Filesize

    532KB

    Download