Overview

overview

6

Static

static

file.exe

windows7-x64

1

file.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    35s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    24-11-2022 16:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    file.exe

  • Size

    3.2MB

  • MD5

    502b810b213e6ea11cebaa86737c6f26

  • SHA1

    9180f07a4cf3fea9b08e6e1828fb1b8d05805975

  • SHA256

    be7ba15c274112b511952287bd01a6c135e7b20260f307fc72fcd1a948188086

  • SHA512

    2ed47486212f832fc8c3f3f85137e489c7d6fe4b893acc74910362830ce778a6eab13ce95554f984028cc0953329b799d318df1088b94f7930db0e8a5a987e78

  • SSDEEP

    12288:GNpYYoU9aGbHRFbOuuWompGy4y5vKk8U9tXnt9q:mpYVU9FP

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\file.exe
    "C:\Users\Admin\AppData\Local\Temp\file.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1608-54-0x0000000000850000-0x0000000000892000-memory.dmp
    Filesize

    264KB

    Download
  • memory/1608-55-0x0000000075A91000-0x0000000075A93000-memory.dmp
    Filesize

    8KB

    Download