Overview

overview

1

Static

static

79375e11b6...8b.exe

windows7-x64

1

79375e11b6...8b.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    38s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29-11-2022 14:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    79375e11b6c10a662e5830ed05386edf3802750cbee54aa1bb25be0e781d9a8b.exe

  • Size

    308KB

  • MD5

    775855aa2c13b86da6cdd096917a9c60

  • SHA1

    efa7bc316f86297b051e14c2d1849bf1fb594a15

  • SHA256

    79375e11b6c10a662e5830ed05386edf3802750cbee54aa1bb25be0e781d9a8b

  • SHA512

    240b5ee1b918fbcd6ed113d4a79754a1f2a68e2b753ed3a70e7db400a4dca2b055884c74eada3a005c50556f00e46dba67336725b0095f7c356446bdb84cbfe6

  • SSDEEP

    6144:syMffjjoFOUbhTweO4WBpGLWMEHIS+Sya5:sD33Ujn8GLGHj+O

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\79375e11b6c10a662e5830ed05386edf3802750cbee54aa1bb25be0e781d9a8b.exe
    "C:\Users\Admin\AppData\Local\Temp\79375e11b6c10a662e5830ed05386edf3802750cbee54aa1bb25be0e781d9a8b.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1052
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x40c
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1052-54-0x0000000075931000-0x0000000075933000-memory.dmp

    Filesize

    8KB

    Download