Overview

overview

10

Static

static

8ccb96147d...a7.exe

windows7-x64

1

8ccb96147d...a7.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    8s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    23-10-2022 08:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8ccb96147d6198c9166b9619bfdc67b6f8a8e71318015e3679c6d5b9706f99a7.exe

  • Size

    404KB

  • MD5

    eabd3a0897cd161d8ba35caea23d0556

  • SHA1

    45216a4e48ef209fa244ec2425486db671d55530

  • SHA256

    8ccb96147d6198c9166b9619bfdc67b6f8a8e71318015e3679c6d5b9706f99a7

  • SHA512

    40e614c115727609b9ffc5b7ab9ec0c9f4b7162814aded05a3d817510d588ffbe58df419d493f57897df24fe4028ae2d651c21f9be25522badef1770dcbeff51

  • SSDEEP

    6144:KhgE/69rEIaB8sa1h5kPxnrHBdoeevcQ91R1pQcy4p/FFf2qecRJA6mJOl:wgwGDLsaJkpnroeevca1jNtFFHRJoOl

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8ccb96147d6198c9166b9619bfdc67b6f8a8e71318015e3679c6d5b9706f99a7.exe
    "C:\Users\Admin\AppData\Local\Temp\8ccb96147d6198c9166b9619bfdc67b6f8a8e71318015e3679c6d5b9706f99a7.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1684

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1684-54-0x0000000076401000-0x0000000076403000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1684-55-0x0000000000400000-0x00000000004A8000-memory.dmp

    Filesize

    672KB

    Download

  • memory/1684-59-0x00000000004B0000-0x0000000000534000-memory.dmp

    Filesize

    528KB

    Download