Analysis

  • max time kernel
    4s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64 arch:x86 image:win7-20221111-en locale:en-us os:windows7-x64 system
  • submitted
    24/11/2022, 06:53

General

  • Target

    b3ff28596594c9c09f33160cf78b416db1934c9a789c77b34a1b0c4ade31f812.exe

  • Size

    535KB

  • MD5

    89a04a08a36a90d83480bc5e571b6877

  • SHA1

    afd5d4c555d12da46512d05a6ef303424d7afc60

  • SHA256

    b3ff28596594c9c09f33160cf78b416db1934c9a789c77b34a1b0c4ade31f812

  • SHA512

    b4d152fa72339d2d1cd41ba3441c13ddbdf1f531f14f31dac5e053ec3422e1ebef2a18c4686b86568d6f0e44f872ff5d233e0c3e9954dc42945793126a046f65

  • SSDEEP

    12288:bG/6krPV/nqA8Cdg5/8IG+OFv6xe9KMRVdmd:qT5g5/8IdOF6nSVwd

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b3ff28596594c9c09f33160cf78b416db1934c9a789c77b34a1b0c4ade31f812.exe
    "C:\Users\Admin\AppData\Local\Temp\b3ff28596594c9c09f33160cf78b416db1934c9a789c77b34a1b0c4ade31f812.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:956

Network

MITRE ATT&CK Matrix

Downloads

  • memory/956-54-0x0000000000040000-0x00000000000CA000-memory.dmp

    Filesize

    552KB