Analysis

  • max time kernel
    62s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220901-en locale:en-us os:windows10-2004-x64 system
  • submitted
    01-12-2022 00:20

General

  • Target

    spider.exe

  • Size

    1.5MB

  • MD5

    ba1609bd0053876f39cde479294cc967

  • SHA1

    a1af380bb4b3b718ed8432909c6fd221cc4a31b3

  • SHA256

    d7fc4154c605f8d4604c8a1350d1ca6f0eaa5cd51a247bd34904490895b12ff6

  • SHA512

    0903acf5af81dd21f35b2229de0da1130989c31cc5f589aa7b89e4405c90f532fcdcfd1c29772da795299c107b8df731849325be4fb5af78c3f6286263664ad1

  • SSDEEP

    24576:5v7jbOOU7Cd4GYyPA2/uy+mjGyfslDtbQzynIwlbUqzlrWkqh2MQ+v0IUzX1uD9b:5vKOF4ZDyKlaqSB0IUzX1uBPD6ALdDJ+

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\spider.exe
    "C:\Users\Admin\AppData\Local\Temp\spider.exe"
      PID:2044
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x2cc 0x150
      • Suspicious use of AdjustPrivilegeToken
      PID:4972

Network

MITRE ATT&CK Matrix
