Overview

overview

1

Static

static

0ed4d9a2ca...29.exe

windows7-x64

1

0ed4d9a2ca...29.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-12-2022 19:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0ed4d9a2ca06b83d4d2f271302bd1eacb0029ce8be91633f0ac9de8405889d29.exe

  • Size

    884KB

  • MD5

    d558dce56b9c0afc85fa4ce237d25f3b

  • SHA1

    bc91863c3125c20d10f7db717623cc2fcb3c36f8

  • SHA256

    0ed4d9a2ca06b83d4d2f271302bd1eacb0029ce8be91633f0ac9de8405889d29

  • SHA512

    8292a41b501b23c862186b97d26de8e91974f256d9f1e6049e1ba91647f5812f4343d08a9f67c15e88b5c26b74bc2618c9f624073ccb1d046efe5e7cdd9d58f2

  • SSDEEP

    12288:Kcbid26/VZ1XVXBDsSBOnMyPmw1PcL/CNWAjYyn:gd26tZzXBDshnMyuwqrWLn

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0ed4d9a2ca06b83d4d2f271302bd1eacb0029ce8be91633f0ac9de8405889d29.exe
    "C:\Users\Admin\AppData\Local\Temp\0ed4d9a2ca06b83d4d2f271302bd1eacb0029ce8be91633f0ac9de8405889d29.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:3964

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3964-132-0x0000000000400000-0x00000000004DE000-memory.dmp

    Filesize

    888KB

    Download

  • memory/3964-133-0x0000000000400000-0x00000000004DE000-memory.dmp

    Filesize

    888KB

    Download