Overview

overview

7

Static

static

1

62ee5b95c3...67.exe

windows7-x64

7

62ee5b95c3...67.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    179s
  • max time network
    187s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-02-2023 19:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    62ee5b95c34acf1b01e338ad370c4dda687bdd67.exe

  • Size

    248KB

  • MD5

    4ca04b351bb18652fcda67b45eed03a9

  • SHA1

    62ee5b95c34acf1b01e338ad370c4dda687bdd67

  • SHA256

    420dfb75c981fe4ab474de914e92c8171f52544d1f3a4d66bf9249e8578d729d

  • SHA512

    d462553e89b0adda35854157bdbb668dc6ac7e415f5dcf37cf65aecd19ff1d93f0aa18e8831f59be5982c21d71715dfa227958696b81d71a9cde8ec9bc79c7b6

  • SSDEEP

    6144:m8OyFY+X5tuRG9YodJ8mQccZowlFfo7qa4D64+94QIKgFLKyEs2UfaoksNzB1jpU:TFY+X5tuRG9YodJ8mQccZowlFfo7qa4U

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\62ee5b95c34acf1b01e338ad370c4dda687bdd67.exe
    "C:\Users\Admin\AppData\Local\Temp\62ee5b95c34acf1b01e338ad370c4dda687bdd67.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4812

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4812-132-0x0000000000EB0000-0x0000000000EEE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4812-133-0x0000000005CD0000-0x0000000006274000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4812-134-0x00000000057C0000-0x0000000005852000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4812-135-0x0000000005760000-0x000000000576A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4812-136-0x00000000090E0000-0x0000000009146000-memory.dmp

    Filesize

    408KB

    Download