Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system
  • submitted
    03/05/2023, 11:26

General

  • Target

    CASH OFFER AND PROOF OF FUNDS.exe

  • Size

    78KB

  • MD5

    9a40168e711a0bd875ee4c912c0357a0

  • SHA1

    96505a9fd271da437eff5c191fbfbc3572e5bdb4

  • SHA256

    be7c5be95e0d3f3c841b3dace8eb4c46acb9e42970324ee976a41ec210ae9f86

  • SHA512

    ca35e6c155044aa35b4194605b7ca2341b0c15f9e37228d46a99198d08cb3442d9d6c2d51d6a2c60490b68a9d7752e96a6dc75e5c28981d682602af0f74b6f8d

  • SSDEEP

    1536:guvph1oILHFw7Dunm48VoDYednpbM/9oI6eYnw7TPxdF8o75F943hh:jvph1oILHOXut8O86S9oRe8wfxvXX4

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CASH OFFER AND PROOF OF FUNDS.exe
    "C:\Users\Admin\AppData\Local\Temp\CASH OFFER AND PROOF OF FUNDS.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:1408

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/1408-54-0x00000000009D0000-0x00000000009E4000-memory.dmp

          Filesize

          80KB

        • memory/1408-55-0x00000000005B0000-0x00000000005F0000-memory.dmp

          Filesize

          256KB

        • memory/1408-56-0x00000000005B0000-0x00000000005F0000-memory.dmp

          Filesize

          256KB