Overview

overview

7

Static

static

63bb45a377...95.exe

windows7-x64

7

63bb45a377...95.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    135s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/11/2022, 06:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    63bb45a3774931d25505bffa4032b2f465b069c70d1cebc59a76c8dfdee1b495.exe

  • Size

    6.3MB

  • MD5

    307e27c09e2f0213662f777da6afb1d4

  • SHA1

    bdd7ff16f0e4462c0bca0efa11c16d92730a7c22

  • SHA256

    63bb45a3774931d25505bffa4032b2f465b069c70d1cebc59a76c8dfdee1b495

  • SHA512

    51eea359ca56e907512634fe8200eb4b7bf1d51e501c12de57f8f83861b7f459406b18384d4ed5257869ef4c5c45eb1a68173aa81ce4318f397fae8e923fca47

  • SSDEEP

    98304:VSajVLfsOhgancfAzPOGNLZcldaVoOm8Ju838c:VSajly+P9cTaPfJZ38

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\63bb45a3774931d25505bffa4032b2f465b069c70d1cebc59a76c8dfdee1b495.exe
    "C:\Users\Admin\AppData\Local\Temp\63bb45a3774931d25505bffa4032b2f465b069c70d1cebc59a76c8dfdee1b495.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of AdjustPrivilegeToken
    PID:4016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\System.Data.SQLite.dll
    Filesize

    1.0MB

    MD5

    006cc8260405e231c2006a0cea2127fd

    SHA1

    7fc2321678259ac6f45eb78e56beaea5fbde4a98

    SHA256

    eea94763133fa17410b0597818bc84724e9ed6187f503762a3e480e3f6036f3a

    SHA512

    0e78f054fa983d39c384ec12ca1687a0524d7da81d67ba19fa0ce9b79fee4c6a8fa1e2582dc3b5c83e14f8498500a50f46152096aebe96c9bfc1eab6d3f9d7ad

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\System.Data.SQLite.dll
    Filesize

    1.0MB

    MD5

    006cc8260405e231c2006a0cea2127fd

    SHA1

    7fc2321678259ac6f45eb78e56beaea5fbde4a98

    SHA256

    eea94763133fa17410b0597818bc84724e9ed6187f503762a3e480e3f6036f3a

    SHA512

    0e78f054fa983d39c384ec12ca1687a0524d7da81d67ba19fa0ce9b79fee4c6a8fa1e2582dc3b5c83e14f8498500a50f46152096aebe96c9bfc1eab6d3f9d7ad

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\System.Data.SQLite.dll
    Filesize

    1.0MB

    MD5

    006cc8260405e231c2006a0cea2127fd

    SHA1

    7fc2321678259ac6f45eb78e56beaea5fbde4a98

    SHA256

    eea94763133fa17410b0597818bc84724e9ed6187f503762a3e480e3f6036f3a

    SHA512

    0e78f054fa983d39c384ec12ca1687a0524d7da81d67ba19fa0ce9b79fee4c6a8fa1e2582dc3b5c83e14f8498500a50f46152096aebe96c9bfc1eab6d3f9d7ad

    Download Submit

  • memory/4016-132-0x0000000005F10000-0x00000000064B4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4016-133-0x0000000003160000-0x00000000031F2000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4016-137-0x0000000007280000-0x000000000728A000-memory.dmp

    Filesize

    40KB

    Download