Overview

overview

6

Static

static

99fe690b7b...fd.exe

windows7-x64

1

99fe690b7b...fd.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    35s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    30/10/2022, 17:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    99fe690b7bc9791ccb08ea86c8dd5e7a439e871fab12a04fb6eadf94018716fd.exe

  • Size

    417KB

  • MD5

    1b82b7ea6d210ce2dba359cf75d49315

  • SHA1

    f466703a2416297bc861894eff46926e2b638ad7

  • SHA256

    99fe690b7bc9791ccb08ea86c8dd5e7a439e871fab12a04fb6eadf94018716fd

  • SHA512

    74724d503310c76eef76d5f8d7a39fdcd98cf52d2e45743fe6e87168c0e77b417c1183bb86d1746edc688bee1cbe14fdbcee1dd5ed224ccc8fd1077a648f19bd

  • SSDEEP

    6144:gDKW1Lgbdl0TBBvjc/L8CztaPwg8qgmTDAFRhLA+fdauRI8XpDtKpc:mh1Lk70Tnvjcj8CztaYu5ceUiSypc

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\99fe690b7bc9791ccb08ea86c8dd5e7a439e871fab12a04fb6eadf94018716fd.exe
    "C:\Users\Admin\AppData\Local\Temp\99fe690b7bc9791ccb08ea86c8dd5e7a439e871fab12a04fb6eadf94018716fd.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1584

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1584-54-0x0000000075241000-0x0000000075243000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1584-55-0x0000000074740000-0x0000000074CEB000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/1584-56-0x0000000001FCE000-0x0000000001FDF000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1584-57-0x0000000074740000-0x0000000074CEB000-memory.dmp

    Filesize

    5.7MB

    Download