Analysis

  • max time kernel
    280s
  • max time network
    378s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
  • submitted
    01/12/2022, 04:55

General

  • Target

    40e9ab0de68a90d065d9a1ebc501424a0fb14e5a5406f2add41e69c4ceec90ca.exe

  • Size

    185KB

  • MD5

    42e3795fb5d5ba32690a025fd53e6634

  • SHA1

    544b0c3f18f84a1751f27c6da02ce1afd8a3a2a1

  • SHA256

    40e9ab0de68a90d065d9a1ebc501424a0fb14e5a5406f2add41e69c4ceec90ca

  • SHA512

    6668dc901b7851eae48e2068b4a32b38f5c0b51eb8ee79edd47244e9b4c269c876571f1ea17dddd1bc03950a6af360484f75a1e439087a40c11d24927e64eb0e

  • SSDEEP

    3072:w/nz/J377I6wJk0sjBl2u42VnwcoubFsiltlIZ6GTmmF:Iz/977IrJVuCuxVnfbWiOZD

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\40e9ab0de68a90d065d9a1ebc501424a0fb14e5a5406f2add41e69c4ceec90ca.exe
    "C:\Users\Admin\AppData\Local\Temp\40e9ab0de68a90d065d9a1ebc501424a0fb14e5a5406f2add41e69c4ceec90ca.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4220

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/4220-132-0x0000000074D20000-0x00000000752D1000-memory.dmp

          Filesize

          5.7MB

        • memory/4220-133-0x0000000074D20000-0x00000000752D1000-memory.dmp

          Filesize

          5.7MB