Analysis

  • max time kernel
    45s
  • max time network
    48s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    31/10/2022, 22:06

General

  • Target

    decf97328f90ad3a5d14853159b3e01b7f847a2c01f025545e5eed8a0327ef7b.exe

  • Size

    1.3MB

  • MD5

    c62d9205946f3e34766b619346801889

  • SHA1

    c5505fdcaec7d6241881452f31b8a16ce3203bef

  • SHA256

    decf97328f90ad3a5d14853159b3e01b7f847a2c01f025545e5eed8a0327ef7b

  • SHA512

    4656893b95f660e718cb4f8c03e4efc261c9188e54c4d4dee9e9770cf2d11787148f009acff15a2c73b51819bd7ea1eedb1561585265bfd96e9fb9a9d9248ae7

  • SSDEEP

    24576:kdOhBgDMN++uUViQAih7qtWa5sMjbNvzyFDkmN224BY/0jdYdt:kd2d++uwAw7WiMX1mNt4Xedt

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\decf97328f90ad3a5d14853159b3e01b7f847a2c01f025545e5eed8a0327ef7b.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\decf97328f90ad3a5d14853159b3e01b7f847a2c01f025545e5eed8a0327ef7b.exe"
    • Suspicious use of SetWindowsHookEx
    PID:1848
  • C:\Windows\system32\AUDIODG.EXE
    Command line: C:\Windows\system32\AUDIODG.EXE 0x26c
    • Suspicious use of AdjustPrivilegeToken
    PID:1748

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1848-54-0x0000000076091000-0x0000000076093000-memory.dmp
    Filesize
    8KB