Overview

overview

10

Static

static

SecuriteIn...86.exe

windows7-x64

1

SecuriteIn...86.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    45s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    08-12-2022 14:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe

  • Size

    953KB

  • MD5

    cb07eb3442be989b2417e6797544f208

  • SHA1

    d86669fd5315e210ab3d9fa46ed06f9e6f8c1729

  • SHA256

    aedbd8290eb3bea7a561c8f099f0005dc37e2597eeb34264e92b0df88a6b4109

  • SHA512

    90a943732b4254c7d8c01d4c78a2acfadd189db654cc6a51dcc2ac8fc632a8bb2694a2bdb412630ea15543b44079c73ff9942f47cfca21f20af43ec782813097

  • SSDEEP

    24576:7Sjql9eypjik0AY1h/TFuau/QhZmBH+V:0q3eYjijj/JuaMQhSH

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:996
    • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe
      "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe"
      2⤵
        PID:524
      • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe
        "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe"
        2⤵
          PID:700
        • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe
          "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe"
          2⤵
            PID:432
          • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe
            "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe"
            2⤵
              PID:640
            • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe
              "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.PackedNET.1725.19553.28086.exe"
              2⤵
                PID:1480

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/996-54-0x0000000000340000-0x0000000000434000-memory.dmp
              Filesize

              976KB

              Download
            • memory/996-55-0x00000000760E1000-0x00000000760E3000-memory.dmp
              Filesize

              8KB

              Download
            • memory/996-56-0x00000000005A0000-0x00000000005C2000-memory.dmp
              Filesize

              136KB

              Download
            • memory/996-57-0x0000000000620000-0x000000000062E000-memory.dmp
              Filesize

              56KB

              Download
            • memory/996-58-0x0000000004A00000-0x0000000004A70000-memory.dmp
              Filesize

              448KB

              Download
            • memory/996-59-0x0000000002050000-0x0000000002088000-memory.dmp
              Filesize

              224KB

              Download