Analysis
- max time kernel: 140s
- max time network: 153s
- platform: windows10-2004_x64
- resource: win10v2004-20230220-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 31-03-2023 05:53
Static task: static1

Behavioral task: behavioral1
- Sample: 123.exe
- Resource: win7-20230220-en (windows7-x64)
- 4 signatures, 150 seconds

Behavioral task: behavioral2
- Sample: 123.exe
- Resource: win10v2004-20230220-en (windows10-2004-x64)
- 2 signatures, 150 seconds
General
- Target: 123.exe
- Size: 2.7MB
- MD5: 732dec385b880a8cca996aa49e009608
- SHA1: 546b512d13f2ca7e9a56c20ebcead7f1d9db4cbe
- SHA256: de9f2f1d1927bdab4d37dcdd7b1bcfb7ef58b8b756e94dee35636002161f049d
- SHA512: 53e42ecaf680c0be1210f1e9c12d10a5063c6fa60c7551bc6b198f678ed1780b4434bc9e8564892583ecfa964569e91342d0d799b36bb4efdda971e466b3c569
- SSDEEP: 49152:NDlCNBphVPv2K7bTgfcrf/99dJaIVXI2RCWGFvMygeIwGT4kWeoN++tW3ljXhZ:NDleXTdNg70ivttmj
- Score: 10/10
Malware Config
Extracted Credentials
- Protocol: ftp
- Host: 45.151.135.235
- Port: 21
- Username: 123
- Password: 123
Signatures
- Suspicious use of AdjustPrivilegeToken (1 IoCs)
  Processes: 123.exe (pid 1716), Token: SeDebugPrivilege
- Suspicious use of SetWindowsHookEx (1 IoCs)
  Processes: 123.exe (pid 1716)
Processes
Network
MITRE ATT&CK Matrix
Downloads
- memory/1716-136-0x000000001C0D0000-0x000000001C0E0000-memory.dmp (Filesize 64KB)
- memory/1716-135-0x000000001C0D0000-0x000000001C0E0000-memory.dmp (Filesize 64KB)
- memory/1716-141-0x000000001C0D0000-0x000000001C0E0000-memory.dmp (Filesize 64KB)
- memory/1716-142-0x000000001C0D0000-0x000000001C0E0000-memory.dmp (Filesize 64KB)
- memory/1716-143-0x000000001C0D0000-0x000000001C0E0000-memory.dmp (Filesize 64KB)