66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8

General

Target

66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
Size

539KB
MD5

7a2d9c647857f0e7eeeba4c326ad8d19
SHA1

b025fdb76c3f065c99003899891d1260e6710aa5
SHA256

66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8
SHA512

91fc6848ea4b7a1a6e9c795065f414d48454a113c08d9b60be1dc8ffaaad66009883727fdb7bbd341de4acd38ce79b46fb9b8f4100991b878a392936cd63f76a
SSDEEP

768:riQ5zzoZg9u9A9ddJ0LI6VuggDuoGUtNN6IxtJcTcachc5hYuAznQRki:rissgYq7dJ0LI6VuggD3GUN6I70hY8k

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 64 IoCs

Processes:

66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe

description	ioc	process
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\ca.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\et.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\id.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\ko.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\mr.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\libpeerconnection.dll	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\PepperFlash\manifest.json	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\cs.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\ja.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\ml.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\pl.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\fa.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\he.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\lt.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\chrome_100_percent.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\libegl.dll	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\da.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\hu.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\sw.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\chrome_200_percent.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\chrome_elf.dll	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\uk.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\chrome_child.dll	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\ms.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\nb.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\sk.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\zh-TW.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\d3dcompiler_43.dll	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\d3dcompiler_46.dll	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\hi.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\it.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\sr.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\el.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\chrome.dll	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\fr.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\ro.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\ru.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\sl.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\icudtl.dat	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\tr.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\am.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\es-419.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\nl.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\fil.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\kn.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\bg.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\es.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\fi.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\pt-BR.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\ta.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\vi.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Update\GoogleUpdate.exe	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\chrome.exe	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\pt-PT.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\te.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\libexif.dll	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\gu.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\th.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\zh-CN.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\ffmpegsumo.dll	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\metro_driver.dll	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\en-US.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
File created	C:\Program Files (x86)\Googles\Chrome\Application\36.0.1985.143\Locales\en-GB.pak	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe

description pid process

Token: SeDebugPrivilege 112 66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe

description	pid	process
Token: SeDebugPrivilege	112	66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe

C:\Users\Admin\AppData\Local\Temp\66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe
"C:\Users\Admin\AppData\Local\Temp\66a94f34f212fa06fd7b1768ceba430a4f194112ace7eec18ea285c9eb9556e8.exe"
1⤵
- Drops file in Program Files directory
- Suspicious use of AdjustPrivilegeToken
PID:112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/112-132-0x0000000074980000-0x0000000074F31000-memory.dmp

Filesize
5.7MB

Download
memory/112-133-0x0000000074980000-0x0000000074F31000-memory.dmp

Filesize
5.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads