Analysis
max time kernel: 307s
max time network: 318s
platform: windows10-1703_x64
resource: win10-20220901-es
resource tags: arch:x64, arch:x86, image:win10-20220901-es, locale:es-es, os:windows10-1703-x64, system, windows
submitted: 25-01-2023 10:19
Static task: static1

Behavioral task: behavioral1
Sample: 9152346868.exe
Resource: win7-20220812-es, windows7-x64
0 signatures, 300 seconds

Behavioral task: behavioral2
Sample: 9152346868.exe
Resource: win10-20220901-es, windows10-1703-x64
2 signatures, 300 seconds
General
Target: 9152346868.exe
Size: 307.8MB
MD5: 86fffdd9a51b4c0a5396217d7e83c04b
SHA1: 33d01ff31661c45fc7ccdac3794c6ec9e8d6be72
SHA256: 3761a1d7b9813909abfe30e23238f21d6c2ce2b0a54384755ba86beecfd9306e
SHA512: d081c75761322b0cd334f6c9fca71bcccfc68aa9072b551c3a5d4e6b5c389a817615591d94c5693e0d1d8a4a3afb4d602c51817bd84ca3b597aa2db66a933a8b
SSDEEP: 49152:/CRDPJxyXNomXCELcjWTFY3Rr80C2AvWiw1wY:obqymSEIjYS3RYZ2A+uY
Score: 1/10
Signatures

Suspicious behavior: EnumeratesProcesses (14 IoCs)
Processes: 9152346868.exe
pid    process
4864   9152346868.exe   (same entry listed 14 times)

Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes: 9152346868.exe
description               pid    process
Token: SeDebugPrivilege   4864   9152346868.exe
Downloads
memory/4864-120-0x000000001C1F0000-0x000000001C38E000-memory.dmp   Filesize: 1.6MB
memory/4864-121-0x000000001EA80000-0x000000001EB80000-memory.dmp   Filesize: 1024KB
memory/4864-122-0x000000001C3D0000-0x000000001C3E4000-memory.dmp   Filesize: 80KB
memory/4864-123-0x0000000021250000-0x0000000021352000-memory.dmp   Filesize: 1.0MB