Analysis

  • max time kernel
    91s
  • max time network
    114s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220901-en locale:en-us os:windows10-2004-x64 system
  • submitted
    01/12/2022, 23:36

General

  • Target

    f4b7f29719c97210974cd8e277aae85ad118298d1556cce8e014946dd60a606a.exe

  • Size

    56KB

  • MD5

    f121179c4a194d71e3d3874bb7ee82d0

  • SHA1

    a69c60bd9e0cb0b530dd6351d2fc40c5de0c6a2e

  • SHA256

    f4b7f29719c97210974cd8e277aae85ad118298d1556cce8e014946dd60a606a

  • SHA512

    eccd79d813e75ec725ed7d22b1356bfb1b30bb9e75c30054b665cc72a5a261dd627f3980406d0428ab06d7850606e57da44cff0409a391570a986033a872f141

  • SSDEEP

    768:dmMMxnvXehj51Bk1wYfTrz2VZhbw14qF0iGB9gPj6T2nBg:sMM9vXeh2JTrz2a2biU9gPj6Tcg

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f4b7f29719c97210974cd8e277aae85ad118298d1556cce8e014946dd60a606a.exe
    "C:\Users\Admin\AppData\Local\Temp\f4b7f29719c97210974cd8e277aae85ad118298d1556cce8e014946dd60a606a.exe"
    • Suspicious use of SetWindowsHookEx
    PID:4844
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x460 0x3f0
    • Suspicious use of AdjustPrivilegeToken
    PID:4900

Network

MITRE ATT&CK Matrix
