Overview

overview

10

Static

static

SecuriteIn...56.exe

windows7-x64

1

SecuriteIn...56.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    42s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    05-12-2022 15:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Win32.HacktoolX-gen.28418.13356.exe

  • Size

    1.1MB

  • MD5

    9a0b108728953eb056acabd5838eb96f

  • SHA1

    30c00233cb6c7a838aaca427764daec8e8f861bc

  • SHA256

    1223d62bc266486dd7cae8cad10de9ef5b60fa1a7dd9113723613758d38845b8

  • SHA512

    2b0880aac549d13546daa3aee8087f3ece2f74be4e2817a0529e5a0ad6e38ff134606387f9df19a709b771bd772abc5ec55aba18ae829dd92599e48d9f50347a

  • SSDEEP

    24576:FYAMOoEzlK3c8wwmx4Q1xNBR4maitt4f8OSKwz7NGIm:FFoEOmuExNBOvKtGSKwfNa

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.HacktoolX-gen.28418.13356.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.HacktoolX-gen.28418.13356.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1048
    • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.HacktoolX-gen.28418.13356.exe
      "{path}"
      2⤵
        PID:888
      • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.HacktoolX-gen.28418.13356.exe
        "{path}"
        2⤵
          PID:860
        • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.HacktoolX-gen.28418.13356.exe
          "{path}"
          2⤵
            PID:768
          • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.HacktoolX-gen.28418.13356.exe
            "{path}"
            2⤵
              PID:1380
            • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.HacktoolX-gen.28418.13356.exe
              "{path}"
              2⤵
                PID:468

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/1048-54-0x00000000003C0000-0x00000000004DE000-memory.dmp
              Filesize

              1.1MB

              Download
            • memory/1048-55-0x00000000759F1000-0x00000000759F3000-memory.dmp
              Filesize

              8KB

              Download
            • memory/1048-56-0x00000000003B0000-0x00000000003C2000-memory.dmp
              Filesize

              72KB

              Download
            • memory/1048-57-0x00000000053A0000-0x000000000543C000-memory.dmp
              Filesize

              624KB

              Download
            • memory/1048-58-0x0000000005490000-0x00000000054E8000-memory.dmp
              Filesize

              352KB

              Download