Analysis

  • max time kernel
    148s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    29-01-2023 19:29

General

  • Target

    5fa6364cf830ce6501268bf342316c53300fdae27bd852acddc74c77ecf8ced9.exe

  • Size

    2.0MB

  • MD5

    9f6db8aa43ccb18c8252f57b5b0268cf

  • SHA1

    01c573bede38b1aa8941399c8f9dc9a98ef875b0

  • SHA256

    5fa6364cf830ce6501268bf342316c53300fdae27bd852acddc74c77ecf8ced9

  • SHA512

    30f86c857a0028739ef45ea68bf2af6e4cad9e8910e7fec3ad527bf70b3aab504575298643c2092cfb2038cb7237759c45265750af7d83332bdd5edddbfc8d4d

  • SSDEEP

    24576:NTGaRYQw6hNNpH05r8tLYXFkHMpg4JW1xXeMWrJPQTnKapyODtimr:N/TkLkeg4w/XYP0nrftiw

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5fa6364cf830ce6501268bf342316c53300fdae27bd852acddc74c77ecf8ced9.exe
    "C:\Users\Admin\AppData\Local\Temp\5fa6364cf830ce6501268bf342316c53300fdae27bd852acddc74c77ecf8ced9.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1996

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1996-54-0x0000000000080000-0x0000000000286000-memory.dmp
    Filesize

    2.0MB

  • memory/1996-55-0x00000000753D1000-0x00000000753D3000-memory.dmp
    Filesize

    8KB