Overview

overview

10

Static

static

57ebd0be02...9d.exe

windows7-x64

10

57ebd0be02...9d.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/11/2022, 22:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    57ebd0be0270a97b374ea1ec73f4f5cc7c8f8c2784ddb301ecaf7f155831bc9d.exe

  • Size

    497KB

  • MD5

    3e064b1071ad430572a3f6cf93bded95

  • SHA1

    d20ebd5022710f10d2cb34381eddf4c4fb6c1112

  • SHA256

    57ebd0be0270a97b374ea1ec73f4f5cc7c8f8c2784ddb301ecaf7f155831bc9d

  • SHA512

    05b408e8e35de2a2e73c0b0bc07a9c88ef548b9f3ed071f81460c75748825a0f776a8082f1e556d3cb27cd73bc1c98091abf3f2d7c8fcd3e0df90fdf2cd63b26

  • SSDEEP

    12288:RSrLA/nD6+NQzJFnC6PCgS3AFsFp7ZT/:RSrLQ60SXag8Akl

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\57ebd0be0270a97b374ea1ec73f4f5cc7c8f8c2784ddb301ecaf7f155831bc9d.exe
    "C:\Users\Admin\AppData\Local\Temp\57ebd0be0270a97b374ea1ec73f4f5cc7c8f8c2784ddb301ecaf7f155831bc9d.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4864

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4864-132-0x0000000075480000-0x0000000075A31000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/4864-133-0x0000000075480000-0x0000000075A31000-memory.dmp

    Filesize

    5.7MB

    Download