Overview

overview

10

Static

static

SecuriteIn...71.exe

windows7-x64

1

SecuriteIn...71.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    47s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    25-11-2022 03:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe

  • Size

    716KB

  • MD5

    24a6b2d7d65f5a04989d064c87426815

  • SHA1

    e18c4c971791e14d3c8f059f8bce04a61e5ef619

  • SHA256

    cd3ba304f3ef65515002d44fdcc5eee5f5a356be927ef4a2f257ba6b1ff08a53

  • SHA512

    474d36fdb92e9d5c534fbd3061328304fb527f901cb6af40fd76f47c926a7a845280796b955ce15402e5a8c12b2581580133c322d8a6eccb9beafcee04344905

  • SSDEEP

    12288:cc0/Xe+PIeMkqG7lUBYkd3EhJbNSw0uLXwpjSC2mZJbxpDF:3Wu+zMkqG7+BR3EhZNSw5jwIC2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1088
    • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe
      "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe"
      2⤵
        PID:940
      • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe
        "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe"
        2⤵
          PID:936
        • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe
          "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe"
          2⤵
            PID:1944
          • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe
            "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe"
            2⤵
              PID:2040
            • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe
              "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.MSIL.Crypt.13190.971.exe"
              2⤵
                PID:1192

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/1088-54-0x0000000000040000-0x00000000000FA000-memory.dmp

              Filesize

              744KB

              Download

            • memory/1088-55-0x0000000074C91000-0x0000000074C93000-memory.dmp

              Filesize

              8KB

              Download

            • memory/1088-56-0x0000000000510000-0x0000000000528000-memory.dmp

              Filesize

              96KB

              Download

            • memory/1088-57-0x0000000000580000-0x000000000058C000-memory.dmp

              Filesize

              48KB

              Download

            • memory/1088-58-0x00000000020E0000-0x0000000002156000-memory.dmp

              Filesize

              472KB

              Download

            • memory/1088-59-0x0000000004330000-0x000000000436E000-memory.dmp

              Filesize

              248KB

              Download