Overview

overview

10

Static

static

1

2014-12-22...b2.exe

windows7-x64

8

2014-12-22...b2.exe

windows10-2004-x64

8

2014-12-22...48.exe

windows7-x64

7

2014-12-22...48.exe

windows10-2004-x64

7

2014-12-22...ce.exe

windows7-x64

1

2014-12-22...ce.exe

windows10-2004-x64

1

2014-12-22...a4.exe

windows7-x64

3

2014-12-22...a4.exe

windows10-2004-x64

3

2014-12-22...35.exe

windows7-x64

8

2014-12-22...35.exe

windows10-2004-x64

7

2014-12-22...bb.exe

windows7-x64

10

2014-12-22...bb.exe

windows10-2004-x64

10

2014-12-22...76.exe

windows7-x64

8

2014-12-22...76.exe

windows10-2004-x64

8

2014-12-22...57.exe

windows7-x64

6

2014-12-22...57.exe

windows10-2004-x64

6

2014-12-22...8c.exe

windows7-x64

10

2014-12-22...8c.exe

windows10-2004-x64

10

2014-12-22...6a.exe

windows7-x64

8

2014-12-22...6a.exe

windows10-2004-x64

8

2014-12-22...d0.exe

windows7-x64

10

2014-12-22...d0.exe

windows10-2004-x64

10

2014-12-22...ee.exe

windows7-x64

8

2014-12-22...ee.exe

windows10-2004-x64

8

2014-12-22...7d.exe

windows7-x64

8

2014-12-22...7d.exe

windows10-2004-x64

10

2014-12-22...c3.exe

windows7-x64

8

2014-12-22...c3.exe

windows10-2004-x64

8

2014-12-22...12.exe

windows7-x64

8

2014-12-22...12.exe

windows10-2004-x64

8

2014-12-22...76.exe

windows7-x64

6

2014-12-22...76.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    105s
  • max time network
    133s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-11-2022 11:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2014-12-22 #32/409541f2ca9bc08e528a05970e278e57.exe

  • Size

    233KB

  • MD5

    409541f2ca9bc08e528a05970e278e57

  • SHA1

    f74fa666a8ef14232a6c61da9e5ae47caaabb5a7

  • SHA256

    5148d95eb0c32118ae904534cb1c1098c8cf48a79941f320f8433f76fd78e91b

  • SHA512

    311f819fca707b4f22b68cd68a15f7105a45e388b0cd68de345418a158f1eb407b9ee26735be2b2018e8210007d442bc7f3aad2e9692e4db525b8cd4c23e04f8

  • SSDEEP

    3072:w1le6UqAYN076conxfvnM9dtQOGDzoiKxAdgbDxNyqStBZ0XEHKUCdBbD:Ae6UqpU4ZvM5QLDNKqs9gVtf0XOCdVD

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2014-12-22 #32\409541f2ca9bc08e528a05970e278e57.exe
    "C:\Users\Admin\AppData\Local\Temp\2014-12-22 #32\409541f2ca9bc08e528a05970e278e57.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:848

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/848-132-0x00007FFE92B90000-0x00007FFE935C6000-memory.dmp

    Filesize

    10.2MB

    Download