Analysis

  • max time kernel
    45s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/12/2022, 08:17

General

  • Target

    eclpe592.exe

  • Size

    138KB

  • MD5

    9a025ffa16af4b1400cfca0b12af90e9

  • SHA1

    ec8346c7de0d03c3cd8bcf6e1aadd3c334e5540d

  • SHA256

    d06eb3aa232345d8dbd571b330a4ba51f3a364beed9bdc1b3559f30467f76944

  • SHA512

    53e02cec0df7a6b67360c2db3a0a37e7fbe8f3d2a3c3edc2aec35da082d64a9693d9dc8e7ec71aa98af35dc289e2966b1bd3ca93735e00fa77e52a33e9295f8b

  • SSDEEP

    3072:1RjI0GkBGWZ7UwhLVAluhZOyoZrotC7nJp4/MwSMNo+PEgdLB:1lIuRJUsOluhKstAnEx/DdL

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\eclpe592.exe
    "C:\Users\Admin\AppData\Local\Temp\eclpe592.exe"
      PID:1324
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x2f0
      • Suspicious use of AdjustPrivilegeToken
      PID:1100

Network

MITRE ATT&CK Matrix
