Overview

overview

1

Static

static

c30295aaa5...e3.exe

windows7-x64

1

c30295aaa5...e3.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-01-2023 22:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c30295aaa51f45ba8666d910dc7ffc509fefa703a75c2fa080f82806912812e3.exe

  • Size

    2.8MB

  • MD5

    ffa5339518248e495c2fdfff06bf79a3

  • SHA1

    c86ac597cf61180a363aa28b256580c3dde46750

  • SHA256

    c30295aaa51f45ba8666d910dc7ffc509fefa703a75c2fa080f82806912812e3

  • SHA512

    719f6c49c1bc161993a5a6b0af5f6f1d82d51ebe7994719e6a68ea716d17a8d70a61b989e796b163f878fa7c079c0ea15f49c302f851dd54041420d88615a152

  • SSDEEP

    49152:TqMJICS75/XD2NgtC4zoVzV51x/jQ+9vE5d18n9ezI9GFOXKM5lLD2wL/LJLqu07:TqxCQ5/XD2NaotV3x/jQ+dEf1wwKGYXu

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c30295aaa51f45ba8666d910dc7ffc509fefa703a75c2fa080f82806912812e3.exe
    "C:\Users\Admin\AppData\Local\Temp\c30295aaa51f45ba8666d910dc7ffc509fefa703a75c2fa080f82806912812e3.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4256

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4256-133-0x0000000000400000-0x0000000000A33000-memory.dmp

    Filesize

    6.2MB

    Download

  • memory/4256-134-0x0000000000400000-0x0000000000A33000-memory.dmp

    Filesize

    6.2MB

    Download

  • memory/4256-135-0x0000000000400000-0x0000000000A33000-memory.dmp

    Filesize

    6.2MB

    Download