Overview

overview

4

Static

static

1

penis.exe

windows10-1703-x64

4

penis.exe

windows10-2004-x64

1

sss.exe

windows10-1703-x64

1

sss.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    1751s
  • max time network
    1226s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/03/2023, 05:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sss.exe

  • Size

    208KB

  • MD5

    9577a63626d2536e7416494f09f0eec2

  • SHA1

    044ca0fecf2436aac3f9e7acc3c97b30588c594d

  • SHA256

    77b4c0f9929073ce132223f3169349f3e7a626c392b7dbc1a39fa89265c2c6bf

  • SHA512

    5098bba829a795c2aefa85a583388b71690f588dda92bb85b5304fd698e1aa77a610fe98ef93767803fc6fa11a46f94711bf1a4f9e0b7dc464ce61823b9e8763

  • SSDEEP

    3072:KDEkVjGPsw40vLkVjqP4w6U+ToIuWNXmmZTWl/jC7gDooMLa6:K4kSuZToIuUXmmZbgDooMz

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\sss.exe
    "C:\Users\Admin\AppData\Local\Temp\sss.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft_Corporation\sss.exe_StrongName_lw2v2vm3wmtzzpebq33gybmeoxukb04w\3.0.0.0\AutoSaveInformation\eyvbwe34.tmp
    Filesize

    191B

    MD5

    7ffa55ff6ac84742fc67b49b83be3f12

    SHA1

    446ffc4c9e1d7626f078755e81e91d914e142f67

    SHA256

    786cb96e30e42c16784374e9e5e14298976752e69cfaaf7fcb2ed016d9e3b6bb

    SHA512

    59d9467f12f8386138b4a13ab68a98bddb3a8e213af4afb3cdce78d56d16d56f21453138e4ad183f228974ffa710ebe123e657a05f0ee2623c5e845c93c2b096

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_3ukal1cc.zvh.ps1
    Filesize

    60B

    MD5

    d17fe0a3f47be24a6453e9ef58c94641

    SHA1

    6ab83620379fc69f80c0242105ddffd7d98d5d9d

    SHA256

    96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

    SHA512

    5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

    Download Submit

  • memory/2196-156-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2196-153-0x000001B6F4C10000-0x000001B6F4C32000-memory.dmp

    Filesize

    136KB

    Download

  • memory/2196-137-0x000001B6F48D0000-0x000001B6F4908000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2196-138-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2196-143-0x000001B6F4840000-0x000001B6F4848000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2196-135-0x000001B6F4880000-0x000001B6F48CA000-memory.dmp

    Filesize

    296KB

    Download

  • memory/2196-158-0x000001B6F3F20000-0x000001B6F3F28000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2196-154-0x000001B6F4B30000-0x000001B6F4B38000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2196-155-0x000001B6F4B40000-0x000001B6F4B48000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2196-157-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2196-136-0x000001B6D7A70000-0x000001B6D7A7E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2196-133-0x000001B6D5DA0000-0x000001B6D5DD8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2196-163-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2196-160-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2196-161-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2196-162-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2196-159-0x000001B6F4080000-0x000001B6F40A6000-memory.dmp

    Filesize

    152KB

    Download

  • memory/2196-165-0x000001B6F4290000-0x000001B6F42A2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2196-166-0x000001B6F42F0000-0x000001B6F432C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/2196-134-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2196-223-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2196-224-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2196-225-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2196-226-0x000001B6F2E60000-0x000001B6F2E70000-memory.dmp

    Filesize

    64KB

    Download