Overview

overview

1

Static

static

70ce7173f5...12.exe

windows7-x64

1

70ce7173f5...12.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    56s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    05/12/2022, 13:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    70ce7173f5383926a25cc7a2e4057ec8a8b666d2d09664d3c000c796322ec612.exe

  • Size

    64KB

  • MD5

    0e03bc69474f2877908fef9cf875a861

  • SHA1

    c4ef4544c3440b1afb36bebb57e9d4c0d138e1c7

  • SHA256

    70ce7173f5383926a25cc7a2e4057ec8a8b666d2d09664d3c000c796322ec612

  • SHA512

    74a9af6ca7322e84cb17bbe4c7f2e6f8bc0d0a0abd9ac8cb9d83aadf2d0cf04c1125e043eca8c748de01b0900885391598a823fbec8941735e2ec192cae082b6

  • SSDEEP

    768:2JOfFEdN379p4GBSgkfVQWZEAzDLm2eWQfB/2ieWQfB/2peWQfB/23eWQfB/2u:WiaN37X4GpkfCV6LnKNrKNsKNaKNd

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 18 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\70ce7173f5383926a25cc7a2e4057ec8a8b666d2d09664d3c000c796322ec612.exe
    "C:\Users\Admin\AppData\Local\Temp\70ce7173f5383926a25cc7a2e4057ec8a8b666d2d09664d3c000c796322ec612.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1560
    • C:\ProgramData\pcdfdata\70ce7173f5383926a25cc7a2e4057ec8a8b666d2d09664d3c000c796322ec612.exe
      C:\ProgramData\pcdfdata\70ce7173f5383926a25cc7a2e4057ec8a8b666d2d09664d3c000c796322ec612.exe
      2⤵
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of UnmapMainImage
      • Suspicious use of WriteProcessMemory
      PID:1952
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe"
        3⤵
          PID:936

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1560-54-0x0000000076201000-0x0000000076203000-memory.dmp

            Filesize

            8KB

            Download

          • memory/1560-57-0x0000000000240000-0x0000000000247000-memory.dmp

            Filesize

            28KB

            Download

          • memory/1560-58-0x0000000000400000-0x000000000040F000-memory.dmp

            Filesize

            60KB

            Download

          • memory/1560-61-0x0000000000400000-0x0000000000407000-memory.dmp

            Filesize

            28KB

            Download

          • memory/1952-60-0x0000000000400000-0x000000000040F000-memory.dmp

            Filesize

            60KB

            Download

          • memory/1952-59-0x00000000002C0000-0x00000000002C7000-memory.dmp

            Filesize

            28KB

            Download

          • memory/1952-62-0x0000000000400000-0x000000000040F000-memory.dmp

            Filesize

            60KB

            Download