Overview

overview

7

Static

static

1

Striker.exe

windows7-x64

7

Striker.exe

windows10-2004-x64

1

Resubmissions

19-02-2023 12:07

230219-pafjmaeh7w 7

Analysis

  • max time kernel
    140s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220812-es
  • resource tags

    arch:x64arch:x86image:win7-20220812-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    19-02-2023 12:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Striker.exe

  • Size

    3.5MB

  • MD5

    3506e72217d5206c43afa993546008aa

  • SHA1

    caaa849768a6db9a08c1ca3dba8f31ab8669d04f

  • SHA256

    0fb8caced876c692d3ed1cfe956b07b1acb9128ff36f07783500deadfad4a8fd

  • SHA512

    c077270ef57c52c8c42d51afedba9e1229e40f1b198a2181d1fcfb7bb20fed29af9bdcc4150c4f721f61a40baa965b6b8a8cb90257e7cf2d954e62fc759ce68e

  • SSDEEP

    98304:5shZSJb/1czHpcaBoIJAQtKixNWoiJk5VLjkwOh:5G4bi/B3JBLCoiCL4

Score
7/10
agilenet

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 2 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    agilenet
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Striker.exe
    "C:\Users\Admin\AppData\Local\Temp\Striker.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1756-54-0x000000013F810000-0x000000013FB9C000-memory.dmp
    Filesize

    3.5MB

    Download
  • memory/1756-55-0x000000001BA10000-0x000000001BD7A000-memory.dmp
    Filesize

    3.4MB

    Download
  • memory/1756-56-0x000000001ADA0000-0x000000001AE8A000-memory.dmp
    Filesize

    936KB

    Download
  • memory/1756-57-0x0000000000150000-0x0000000000156000-memory.dmp
    Filesize

    24KB

    Download
  • memory/1756-64-0x0000000000170000-0x0000000000176000-memory.dmp
    Filesize

    24KB

    Download
  • memory/1756-69-0x000000001CF80000-0x000000001D238000-memory.dmp
    Filesize

    2.7MB

    Download
  • memory/1756-70-0x000000001C430000-0x000000001C5A6000-memory.dmp
    Filesize

    1.5MB

    Download
  • memory/1756-71-0x0000000000560000-0x0000000000592000-memory.dmp
    Filesize

    200KB

    Download
  • memory/1756-72-0x000000001A8E6000-0x000000001A905000-memory.dmp
    Filesize

    124KB

    Download
  • memory/1756-73-0x0000000001F60000-0x0000000001F96000-memory.dmp
    Filesize

    216KB

    Download
  • memory/1756-74-0x000000001E150000-0x000000001E244000-memory.dmp
    Filesize

    976KB

    Download
  • memory/1756-75-0x00000000005D0000-0x00000000005D8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/1756-76-0x0000000001F40000-0x0000000001F46000-memory.dmp
    Filesize

    24KB

    Download
  • memory/1756-77-0x000000001A8E6000-0x000000001A905000-memory.dmp
    Filesize

    124KB

    Download