Overview

overview

1

Static

static

95a4154d6e...1a.exe

windows7-x64

1

95a4154d6e...1a.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    153s
  • max time network
    196s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/11/2022, 14:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    95a4154d6e8aef8017bd79d1f3e7c112800dedde69a46d332f369a2c605a021a.exe

  • Size

    920KB

  • MD5

    ffe71f6c7e4975a20ba35400b7551396

  • SHA1

    c1dd042428f98bcca4a751843abef75f203bb928

  • SHA256

    95a4154d6e8aef8017bd79d1f3e7c112800dedde69a46d332f369a2c605a021a

  • SHA512

    94029496c194039ed5cabb644136e5944ec5a573de17af0ce2d352a4b1bd8f4ebb865af9fa1a819802e0896586f7f0cb5d08412cf76d288f420675d6d7ea8a36

  • SSDEEP

    24576:8waLIfWJY+P4IHmeIRJeYHEOyVF7Y7fEYWBHSvGGcJ:8pcfd+DGeOeBOyXCflXOF

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\95a4154d6e8aef8017bd79d1f3e7c112800dedde69a46d332f369a2c605a021a.exe
    "C:\Users\Admin\AppData\Local\Temp\95a4154d6e8aef8017bd79d1f3e7c112800dedde69a46d332f369a2c605a021a.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3208

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/3208-132-0x0000000074A80000-0x0000000075031000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/3208-133-0x0000000074A80000-0x0000000075031000-memory.dmp

          Filesize

          5.7MB

          Download

        • memory/3208-134-0x0000000074A80000-0x0000000075031000-memory.dmp

          Filesize

          5.7MB

          Download