a135626470c6f3b9c47ee47483e21c60b17f7fae3e727f200b79089eeadcb443 | Triage

Analysis

max time kernel
165s
max time network
180s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
06/11/2022, 08:55

Sharing

Report Analysis Logs

General

Target

SoftCnKiller2.42/adwView2.42.exe
Size

362KB
MD5

89a8574b027bd577fd6ddfb5f4945471
SHA1

2bf3be3f8b28eaaf4722f22ce0b5f69a6958558d
SHA256

df678b73e2d892e960362396436b32e48000eca874a7f1eed5fe3fa167ee83ae
SHA512

e9bccca2be676b5360992a2e8e10657571c5d8caf428130f0f3c3a2b15dc1f58ad30e00d1ae0aa332c6f14f83ac32b5d60888c4b8a674b496c1d4c65dd07cfb3
SSDEEP

3072:5dKaEOcFXLQUkrhia+qqfhCqxML4Ur+00QcWqGczffDnq3h0:OaE7kUsWCZLly7E0

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1488	adwView2.42.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1488	adwView2.42.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1488	adwView2.42.exe
1488	adwView2.42.exe

C:\Users\Admin\AppData\Local\Temp\SoftCnKiller2.42\adwView2.42.exe
"C:\Users\Admin\AppData\Local\Temp\SoftCnKiller2.42\adwView2.42.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
PID:1488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads