Resubmissions
27-03-2023 11:22
230327-ngrd2adc33 727-03-2023 10:06
230327-l455laeh8s 123-03-2023 15:46
230323-s7rjyagf63 1Analysis
-
max time kernel
31s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
27-03-2023 11:22
General
-
Target
f54a41145b732d47d4a2b0a1c6e811ddcba48558.exe
-
Size
502KB
-
MD5
0118319ac0ffa2b074fe4e7ce2b3c0cb
-
SHA1
f54a41145b732d47d4a2b0a1c6e811ddcba48558
-
SHA256
9a9b94e04c97df3b3df7ef20da36b11bf782a2b20db806c227612c44124d6bb3
-
SHA512
585ac4860fb35ccad737a9ec1f6b51efc2a4ac749cab4f905311ba49b4be42ce1ab85b282b226c3e51188fbd611f32e0205f73f3da5ff80df6f8da32e519e4f0
-
SSDEEP
12288:BGW89Rlv7AVUPPc51erzJYzGDJ2p+Ia2ZOoM2P:BZShwUPPcqr1fD8xZnP
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 5 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f54a41145b732d47d4a2b0a1c6e811ddcba48558.exeC:\Users\Admin\AppData\Local\Temp\f54a41145b732d47d4a2b0a1c6e811ddcba48558.exe /key:"P2sSW0rd1234!@#$C"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
297KB
MD5623a18dc5a76e4722efe6a9032476306
SHA1bfe8dfa574a56b16959ecd47a80d702608b16820
SHA2566d5be3e6939a7c86280044eebe71c566b48981a3341193aa3aff634a3a5d1bbd
SHA5129915eada6b8e5d1893af5adb37b3a05d8ecb5223c8c85328480fa999899a226f55a51ed0b2d7950478346a8cc685df9a7b1f25fb982e083fd53b4aa31c7d1170
-
Filesize
140KB