Overview

overview

1

Static

static

Adobe Phot...S5.exe

windows7-x64

1

Resubmissions

23-11-2022 08:04

221123-jyrznsbe9s 1

23-11-2022 07:57

221123-jtm5xsga66 1

Analysis

  • max time kernel
    80s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 07:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Adobe Photoshop CS5.exe

  • Size

    60.9MB

  • MD5

    2021050ec9cc6cd5f06c379b1b7b8330

  • SHA1

    e049c7bf91b2353aea42350ac2d424498a95b52c

  • SHA256

    1662a5feb829cb863e81a9d97cf2842375448cc5c3ad2ad89b10cda72f52f846

  • SHA512

    dba80683c28f72d922dfbb0124bd5e7bbc9c25e45b4429f80ec8a12d308cfdf2b3f961392f9d1f50706f2ce7726fd5e780e6797f9119c2d5708cadcbc683c432

  • SSDEEP

    786432:7mNKkrSNtU2I9X83eCdX/huxc7s3s5xhL7ONvK2V17ZVw/gCLsWdFUXe4v0:70HSMv9X8/dP6EK8hWNPYgCLRy30

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Adobe Photoshop CS5.exe
    "C:\Users\Admin\AppData\Local\Temp\Adobe Photoshop CS5.exe"
    1⤵
      PID:1692
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:948
      • C:\Windows\system32\AUDIODG.EXE
        C:\Windows\system32\AUDIODG.EXE 0x508
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:980

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/948-55-0x000007FEFB5E1000-0x000007FEFB5E3000-memory.dmp
        Filesize

        8KB

        Download
      • memory/1692-54-0x0000000075B51000-0x0000000075B53000-memory.dmp
        Filesize

        8KB

        Download