Analysis
-
max time kernel
145s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system -
submitted
29-01-2023 17:52
Static task
static1
Behavioral task
behavioral1
Sample
c9336bcd57afe25d3742b0f0ef489784b81f9c12e289a0f6223b4de29fd5f949.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
c9336bcd57afe25d3742b0f0ef489784b81f9c12e289a0f6223b4de29fd5f949.exe
Resource
win10v2004-20220812-en
General
-
Target
c9336bcd57afe25d3742b0f0ef489784b81f9c12e289a0f6223b4de29fd5f949.exe
-
Size
368KB
-
MD5
5440f766a474d152cafa52f1523b6d08
-
SHA1
5c5ced856aab135b6e747b204a59ba54a5af1e7c
-
SHA256
c9336bcd57afe25d3742b0f0ef489784b81f9c12e289a0f6223b4de29fd5f949
-
SHA512
36d2d92fd2d35342476263c50a2bec8d1230c272a81f556b2f5f6ee2bb8b6255465239a5d57b25b0b04eb4b82b1012e0acbc3a9d2a5f356a4791dba2718fc867
-
SSDEEP
6144:KHiHAEvQb+xCzH+8fER4M2B5B1z85unzsPozDYvfburZMY7pc9M:KCHrIb+xkHrER4MYvzUizS+DYvfyOs+M
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
c9336bcd57afe25d3742b0f0ef489784b81f9c12e289a0f6223b4de29fd5f949.exe
description
Token: SeDebugPrivilege
pid
956
process
c9336bcd57afe25d3742b0f0ef489784b81f9c12e289a0f6223b4de29fd5f949.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads