Overview

overview

1

Static

static

8324ef9685...6a.exe

windows7-x64

1

8324ef9685...6a.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    37s
  • max time network
    41s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    05/12/2022, 13:12

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    8324ef9685ad2b181066036c15bd4297a26749c4a4233ef2b1f8176b8437df6a.exe

  • Size

    93KB

  • MD5

    edb7d320566a0e814b96a00da33fe5f6

  • SHA1

    28117271f77f0f51e771d1c8483a01218819fb55

  • SHA256

    8324ef9685ad2b181066036c15bd4297a26749c4a4233ef2b1f8176b8437df6a

  • SHA512

    1587e0dd0d9cd4eb23e773966b6dc7d40312c8870431193cadc5a71aaaa3ba1a8fc67c37aa845dffde1a7d2e795620f1a632538b01b6434b9ab3717e01f3fc82

  • SSDEEP

    1536:I4zWKm7V1lyPAzzUHhCDQ4HhCDQQHhCDQ/HhCDQNaxrPZo+a:ZaflyPAzAHhD4HhDQHhD/HhDU7Zo+a

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 18 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8324ef9685ad2b181066036c15bd4297a26749c4a4233ef2b1f8176b8437df6a.exe
    "C:\Users\Admin\AppData\Local\Temp\8324ef9685ad2b181066036c15bd4297a26749c4a4233ef2b1f8176b8437df6a.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1192
    • C:\ProgramData\pcdfdata\8324ef9685ad2b181066036c15bd4297a26749c4a4233ef2b1f8176b8437df6a.exe
      C:\ProgramData\pcdfdata\8324ef9685ad2b181066036c15bd4297a26749c4a4233ef2b1f8176b8437df6a.exe
      2⤵
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of UnmapMainImage
      • Suspicious use of WriteProcessMemory
      PID:1064
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe"
        3⤵
          PID:964

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1064-60-0x0000000000400000-0x0000000000413000-memory.dmp

            Filesize

            76KB

            Download

          • memory/1064-59-0x0000000000250000-0x0000000000257000-memory.dmp

            Filesize

            28KB

            Download

          • memory/1064-61-0x0000000000400000-0x0000000000413000-memory.dmp

            Filesize

            76KB

            Download

          • memory/1192-54-0x0000000076701000-0x0000000076703000-memory.dmp

            Filesize

            8KB

            Download

          • memory/1192-58-0x0000000000400000-0x0000000000407000-memory.dmp

            Filesize

            28KB

            Download

          • memory/1192-57-0x00000000003D0000-0x00000000003D7000-memory.dmp

            Filesize

            28KB

            Download