Overview

overview

10

Static

static

1

Optimizer-10.9.exe

windows7-x64

3

Optimizer-10.9.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    146s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    07-03-2023 22:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Optimizer-10.9.exe

  • Size

    1.6MB

  • MD5

    f5a5123443d544e9e580793fbdc16099

  • SHA1

    62e75d5714d031900db894f34b97528162d68195

  • SHA256

    8d78838a8c4bda57e8de3d9de4dc4d0e4e51c3e7c0af62fe8490df3e6bd22f59

  • SHA512

    049faf08e5f48438e4dabeb031f8541d10b3a56f6422ad58e7c03156bb412eef61772264d5ed3d984fc7ff7b3699f3b8cf08ea37a2e6c913e74a2a5b694431c9

  • SSDEEP

    24576:x9yoBcCUpGQzP7vXUrUmG/aeggD7PIEjR4xq7iiXTK7D3So9AIB+jg:vyoBQzTvXUImG/aeL70XWIB+j

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Optimizer-10.9.exe
    "C:\Users\Admin\AppData\Local\Temp\Optimizer-10.9.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1536
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1536 -s 684
      2⤵
      • Program crash
      PID:520
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:1496
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x548
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:1884
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:1756
      • C:\Users\Admin\AppData\Local\Temp\Optimizer-10.9.exe
        "C:\Users\Admin\AppData\Local\Temp\Optimizer-10.9.exe"
        1⤵
          PID:1664
          • C:\Windows\system32\WerFault.exe
            C:\Windows\system32\WerFault.exe -u -p 1664 -s 668
            2⤵
            • Program crash
            PID:1824

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\ProgramData\Optimizer\Optimizer.json
          Filesize

          1KB

          MD5

          765d34b86b9dd5180ae0ef9c45b069de

          SHA1

          2963360f569bdd31f849e595bb56f5f725fddd0b

          SHA256

          05a97b3837f4d8da91b18c446af4da3b4eefbf3bcb035d919183fb6bd8ac86e3

          SHA512

          7a631ea7a3df104fdb4fe1b7859dfffdcd46777e649921126ec712ae40dbc2a0e561b3ee38b363401efaa3d6f13f5b4872222cd0a21b4af3f99a1d362b9f8baf

          Download Submit

        • memory/1536-54-0x0000000000C60000-0x0000000000E0A000-memory.dmp

          Filesize

          1.7MB

          Download

        • memory/1536-55-0x000000001AE40000-0x000000001AEEA000-memory.dmp

          Filesize

          680KB

          Download

        • memory/1536-75-0x0000000000970000-0x00000000009F0000-memory.dmp

          Filesize

          512KB

          Download

        • memory/1536-77-0x0000000000970000-0x00000000009F0000-memory.dmp

          Filesize

          512KB

          Download

        • memory/1664-79-0x00000000004D0000-0x0000000000550000-memory.dmp

          Filesize

          512KB

          Download