Overview

overview

6

Static

static

1

Install.exe

windows7-x64

6

Install.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    106s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-04-2023 23:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Install.exe

  • Size

    4.2MB

  • MD5

    0038770ba0d6d4f9f7a3efe71c2c6e6c

  • SHA1

    e87ce315bf3fd6c0d51bbc7b548e354a0a976e1a

  • SHA256

    14deef88beb72f7ca7c85cdec36e0408cabaf21b523df673b729396cc6ab7b63

  • SHA512

    2b30b4b636a3927c0a997248b83335c3d95c0657e91938cf493a40fe8628cee7cc35e6243de4b0dd13458b297844f19b36f030e8254cdb7cf26a65a6c6c5926d

  • SSDEEP

    98304:TmvnqZOmYle8fpgjI32EkLg4ElXCYGLSljZ9445acb/dQA:uqEmYle8fpYITkLYSYGWhZO6ayt

Score
6/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Install.exe
    "C:\Users\Admin\AppData\Local\Temp\Install.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4624

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4624-133-0x00000205EE560000-0x00000205EEECE000-memory.dmp

    Filesize

    9.4MB

    Download

  • memory/4624-134-0x00000205F09C0000-0x00000205F09C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4624-135-0x00000205F12B0000-0x00000205F12C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4624-136-0x00000205F5C00000-0x00000205F5C22000-memory.dmp

    Filesize

    136KB

    Download

  • memory/4624-137-0x00000205F12B0000-0x00000205F12C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4624-138-0x00000205F12B0000-0x00000205F12C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4624-139-0x00000205F12B0000-0x00000205F12C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4624-140-0x00000205F12B0000-0x00000205F12C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4624-141-0x00000205F12B0000-0x00000205F12C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4624-142-0x00000205F12B0000-0x00000205F12C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4624-143-0x00000205F12B0000-0x00000205F12C0000-memory.dmp

    Filesize

    64KB

    Download