6643176655f6e1dd356f5b827bc80ad2de499434717c8d78dd36a2110fed5657

Analysis

max time kernel
73s
max time network
67s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
10/03/2023, 02:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6643176655f6e1dd356f5b827bc80ad2de499434717c8d78dd36a2110fed5657.exe
Size

1.8MB
MD5

15235cb2697dd290c1976dd31f10fc44
SHA1

00dc8836fd8b9fbab69419c19c2bcf998224cbf0
SHA256

6643176655f6e1dd356f5b827bc80ad2de499434717c8d78dd36a2110fed5657
SHA512

6df6f823d9efcfb5ee06218c75d096231789a063e331368cedf865fe9e8fd5f89e9518b23820f2e99662dd0e094e7d75111297b9bb47e3e53f3f1a56303bcc5b
SSDEEP

49152:LXJMezxMw6mUvPJCgbffRdvYMFE64Nx7mQfUsc:lMezxWrNbnRdwgE6ohmQf5c

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 5 IoCs

pid	Process
1996	6643176655f6e1dd356f5b827bc80ad2de499434717c8d78dd36a2110fed5657.exe
1996	6643176655f6e1dd356f5b827bc80ad2de499434717c8d78dd36a2110fed5657.exe
1996	6643176655f6e1dd356f5b827bc80ad2de499434717c8d78dd36a2110fed5657.exe
1996	6643176655f6e1dd356f5b827bc80ad2de499434717c8d78dd36a2110fed5657.exe
1996	6643176655f6e1dd356f5b827bc80ad2de499434717c8d78dd36a2110fed5657.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1996	6643176655f6e1dd356f5b827bc80ad2de499434717c8d78dd36a2110fed5657.exe

C:\Users\Admin\AppData\Local\Temp\6643176655f6e1dd356f5b827bc80ad2de499434717c8d78dd36a2110fed5657.exe
"C:\Users\Admin\AppData\Local\Temp\6643176655f6e1dd356f5b827bc80ad2de499434717c8d78dd36a2110fed5657.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1996-54-0x0000000000500000-0x00000000006A1000-memory.dmp

Filesize
1.6MB

Download
memory/1996-55-0x000000000B890000-0x000000000C10F000-memory.dmp

Filesize
8.5MB

Download
memory/1996-56-0x000000000B130000-0x000000000B1BD000-memory.dmp

Filesize
564KB

Download
memory/1996-57-0x00000000012F0000-0x0000000001374000-memory.dmp

Filesize
528KB

Download
memory/1996-58-0x0000000003480000-0x0000000003534000-memory.dmp

Filesize
720KB

Download
memory/1996-60-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-59-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-62-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-64-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-66-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-68-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-70-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-72-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-74-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-76-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-78-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-80-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-82-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-86-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-84-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-88-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-89-0x0000000003CB0000-0x0000000003CF0000-memory.dmp

Filesize
256KB

Download
memory/1996-92-0x0000000003CB0000-0x0000000003CF0000-memory.dmp

Filesize
256KB

Download
memory/1996-93-0x0000000003CB0000-0x0000000003CF0000-memory.dmp

Filesize
256KB

Download
memory/1996-96-0x0000000003CB0000-0x0000000003CF0000-memory.dmp

Filesize
256KB

Download
memory/1996-95-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-91-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-98-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-100-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-102-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-104-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-106-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-108-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-110-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-112-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-114-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-116-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-118-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-120-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-122-0x0000000003480000-0x000000000352D000-memory.dmp

Filesize
692KB

Download
memory/1996-965-0x0000000003670000-0x00000000036C6000-memory.dmp

Filesize
344KB

Download
memory/1996-966-0x0000000003BA0000-0x0000000003BF4000-memory.dmp

Filesize
336KB

Download
memory/1996-967-0x0000000003E90000-0x0000000003EDC000-memory.dmp

Filesize
304KB

Download
memory/1996-968-0x0000000004060000-0x00000000040B4000-memory.dmp

Filesize
336KB

Download