Analysis
-
max time kernel
91s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
25-11-2022 12:39
General
-
Target
7dd73a04cac2979aa09cf2ac80f197f2baf5ef6565e24b64b6973aeeddd7eaed.exe
-
Size
772KB
-
MD5
9eb012b8577834a547847c91bea66fa9
-
SHA1
10920f0a5ca164fe43938a7541b5a3d58ba5c05a
-
SHA256
7dd73a04cac2979aa09cf2ac80f197f2baf5ef6565e24b64b6973aeeddd7eaed
-
SHA512
56ebe224922d67f9aa87f2b55575418ce0f64cce0d19c5a2cc331faa77fafc0888d6880d4890a425798fa8a9240682de7321c1acd3494d28877ced4cae6596c5
-
SSDEEP
12288:2cqFJbdBe127xe8ZpAhLR5puG6S+D/KIVVJ0IuyNXCF4+nw+++i:hqFJbdBPxesA3T7A/KIFZu+Ihw+pi
Score
8/10
Malware Config
Signatures
-
UPX packed file 26 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
VMProtect packed file 6 IoCs
Detects executables packed with VMProtect commercial packer.
-
Suspicious use of AdjustPrivilegeToken 10 IoCs
-
Suspicious use of SetWindowsHookEx 5 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\7dd73a04cac2979aa09cf2ac80f197f2baf5ef6565e24b64b6973aeeddd7eaed.exe"C:\Users\Admin\AppData\Local\Temp\7dd73a04cac2979aa09cf2ac80f197f2baf5ef6565e24b64b6973aeeddd7eaed.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/5056-132-0x0000000000400000-0x000000000063C000-memory.dmpFilesize
2.2MB
-
memory/5056-133-0x0000000000400000-0x000000000063C000-memory.dmpFilesize
2.2MB
-
memory/5056-135-0x0000000000400000-0x000000000063C000-memory.dmpFilesize
2.2MB
-
memory/5056-136-0x0000000000400000-0x000000000063C000-memory.dmpFilesize
2.2MB
-
memory/5056-137-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-140-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-139-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-142-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-141-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-144-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-146-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-148-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-150-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-152-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-154-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-156-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-158-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-160-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-162-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-164-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-166-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-168-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-170-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-172-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-174-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-176-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-178-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-180-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-182-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-183-0x0000000000400000-0x000000000063C000-memory.dmpFilesize
2.2MB
-
memory/5056-184-0x0000000010000000-0x000000001003E000-memory.dmpFilesize
248KB
-
memory/5056-185-0x0000000000400000-0x000000000063C000-memory.dmpFilesize
2.2MB