Overview

overview

1

Static

static

de223e7164...ee.exe

windows7-x64

1

de223e7164...ee.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    188s
  • max time network
    198s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 18:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    de223e716478e5d270ebb6eb97cd6bc56d98abb00a2999d82dea40998786a1ee.exe

  • Size

    376KB

  • MD5

    8c73ca789ea993c19b4aa98acaee2265

  • SHA1

    d386f4282d420042cab430924134f18c9cd9cefc

  • SHA256

    de223e716478e5d270ebb6eb97cd6bc56d98abb00a2999d82dea40998786a1ee

  • SHA512

    2c866e05c4cc4a1e06d1332159c5f4a67d87fb6437229e3e6d95fa2456e58611cc047930efc960e70251f1063ff243744d88816755b1ad739e485eff75e3b4bf

  • SSDEEP

    6144:Khs+TEvD/J3TF5F2uWeMGVGJlt57IoProEFmR5BtTPA:J+TQVTFeun/GJeVZPA

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\de223e716478e5d270ebb6eb97cd6bc56d98abb00a2999d82dea40998786a1ee.exe
    "C:\Users\Admin\AppData\Local\Temp\de223e716478e5d270ebb6eb97cd6bc56d98abb00a2999d82dea40998786a1ee.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1524

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1524-132-0x00000000003A0000-0x0000000000418000-memory.dmp

    Filesize

    480KB

    Download

  • memory/1524-133-0x00000000367F0000-0x0000000036800000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1524-134-0x00000000003A0000-0x0000000000418000-memory.dmp

    Filesize

    480KB

    Download