Analysis

  • max time kernel
    108s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    17/12/2022, 08:45

General

  • Target

    9ff2e7e195b275e3213896128eecbe9d09a2773cf3756724d8e9b43d72caead7.exe

  • Size

    1.9MB

  • MD5

    481ee47c38cc1357eaa9750acf1ab376

  • SHA1

    3b959ba887e4ad657669c0ce1bd5f5dbe5ef8594

  • SHA256

    9ff2e7e195b275e3213896128eecbe9d09a2773cf3756724d8e9b43d72caead7

  • SHA512

    ae251a85f8e1be6b6b9e49621b949d45e255c9163e4a34a13d9298260fea032e39e744618eec3f5b5695eb46703b2064e0bb9c0a36f4a63b2606d607755343b4

  • SSDEEP

    24576:bMVHBNfNvjt5Mmqc+OHidYIDd3Lj/Stzp+nd+Lw43FVC8q+q8LjzmU3YEIW66W8J:oxBNuYilDd++noLw4TCMjHKAYp8+W1

Score
1/10

Malware Config

Signatures

  • Modifies registry class (3 IoCs)
  • Suspicious use of AdjustPrivilegeToken (4 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\9ff2e7e195b275e3213896128eecbe9d09a2773cf3756724d8e9b43d72caead7.exe
    "C:\Users\Admin\AppData\Local\Temp\9ff2e7e195b275e3213896128eecbe9d09a2773cf3756724d8e9b43d72caead7.exe"
    1⤵
    • Modifies registry class
    • Suspicious use of AdjustPrivilegeToken
    PID:1496

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1496-132-0x0000000000400000-0x0000000000946000-memory.dmp

    Filesize

    5.3MB

  • memory/1496-133-0x00000000028C0000-0x00000000028C3000-memory.dmp

    Filesize

    12KB

  • memory/1496-134-0x0000000000400000-0x0000000000946000-memory.dmp

    Filesize

    5.3MB