Analysis

  • max time kernel
    184s
  • max time network
    253s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-11-2022 09:43

General

  • Target

    d43ca72d6fd0c9a2e3f3774b74fd5028.exe

  • Size

    76KB

  • MD5

    d43ca72d6fd0c9a2e3f3774b74fd5028

  • SHA1

    d28a3f9edb5651de9c7a418e63f8417105c83c63

  • SHA256

    8dd93fd81577033b184647b566e160699006396bcc6cbfff405acc4597c0d688

  • SHA512

    b4e5a5df2885d59ff7f4c8325ee7b00be592a62c2ee006244e9d5a8cc67adcb6b15f557146030b9079960b538dddda8626443b9c2ebbe9f31b6e40ab87cfc639

  • SSDEEP

    1536:EwHgiRJFKfgYBUngABZvxZ/DOG8s8MkeNSzXzKD:EwASJFKRapBZP/Dl8DMDSzX+D

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d43ca72d6fd0c9a2e3f3774b74fd5028.exe
    "C:\Users\Admin\AppData\Local\Temp\d43ca72d6fd0c9a2e3f3774b74fd5028.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:976

Network

MITRE ATT&CK Matrix

Downloads

  • memory/976-54-0x0000000000330000-0x0000000000348000-memory.dmp

    Filesize

    96KB

  • memory/976-55-0x0000000075FF1000-0x0000000075FF3000-memory.dmp

    Filesize

    8KB