Overview

overview

10

Static

static

511535e2c7...bc.exe

windows7-x64

10

511535e2c7...bc.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    296s
  • max time network
    351s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 17:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    511535e2c71f17fbb05320f5e3d109c7258bddf6b738a2bc819eb7131208c0bc.exe

  • Size

    2.8MB

  • MD5

    ff9142946eaf74497cce37d6042a001e

  • SHA1

    84a9a186ca189b94b6cc96149b8a891fbb1ad4b8

  • SHA256

    511535e2c71f17fbb05320f5e3d109c7258bddf6b738a2bc819eb7131208c0bc

  • SHA512

    c124a5d17c0d350d3c5b180644bee992e4eb634e25e6c8cce2f4da2336461d98eb5901a0b69b61b7b81aa4bc771c2f2f40fd7f8040b44894c9c84ae7cdb7a249

  • SSDEEP

    49152:GNX1vMYf017Whi8bfjQagbDEeqJJrn5m/4sit6QNt9NSlCf:K9MDW08bfjQagceqTr53YC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\511535e2c71f17fbb05320f5e3d109c7258bddf6b738a2bc819eb7131208c0bc.exe
    "C:\Users\Admin\AppData\Local\Temp\511535e2c71f17fbb05320f5e3d109c7258bddf6b738a2bc819eb7131208c0bc.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3848-132-0x00000000749A0000-0x0000000074F51000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/3848-133-0x00000000749A0000-0x0000000074F51000-memory.dmp

    Filesize

    5.7MB

    Download