Analysis

  • max time kernel
    43s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    02/12/2022, 01:38 UTC

General

  • Target

    23f54cfcdd6d58102358863267018a6957a1505b36bd8534de5dd3c82933a62a.exe

  • Size

    1.8MB

  • MD5

    2631fbef41a8bdb81dd5844edd440145

  • SHA1

    569f1956593a72e6044d056a0b2be7193c03ba36

  • SHA256

    23f54cfcdd6d58102358863267018a6957a1505b36bd8534de5dd3c82933a62a

  • SHA512

    ef9f88e0657cf12ab9fd66b1ff7d9c20bd452368bd9ddf9aef9e58a6f670b64b93a4cfe27b245a1a24431d428a081503f05c62f3c07743919f19d7dc09afc106

  • SSDEEP

    49152:glOC1w4wtIJiExMTdiMvPaQdU6kbFc4crZGY4s14Nn0:g4C1w8JrMhiMXHUA4O/430

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\23f54cfcdd6d58102358863267018a6957a1505b36bd8534de5dd3c82933a62a.exe
    "C:\Users\Admin\AppData\Local\Temp\23f54cfcdd6d58102358863267018a6957a1505b36bd8534de5dd3c82933a62a.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:584

Network

MITRE ATT&CK Matrix

Downloads

  • memory/584-54-0x0000000075B11000-0x0000000075B13000-memory.dmp

    Filesize

    8KB

  • memory/584-55-0x0000000074780000-0x0000000074D2B000-memory.dmp

    Filesize

    5.7MB

  • memory/584-56-0x0000000074780000-0x0000000074D2B000-memory.dmp

    Filesize

    5.7MB
