Overview

overview

3

Static

static

3

23bd471ca6...89.exe

windows7-x64

1

23bd471ca6...89.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    07/06/2023, 17:49

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    23bd471ca6a85ccb1a1719d13c3a57326afcf131a070f35f26ac3eb6ee6ea189.exe

  • Size

    113KB

  • MD5

    550d2c020b0ec15cbdc2bd7615e6b967

  • SHA1

    347b9a683405202f581ef0210e3a544a5715a822

  • SHA256

    23bd471ca6a85ccb1a1719d13c3a57326afcf131a070f35f26ac3eb6ee6ea189

  • SHA512

    0e320fd7c6d7064769cc01f0d93c340354664e9c882b598ad41e25e4178997eafb1a29e3f46e078c7303b29fa08f7310a162f7338b7b5f85184ff52554ee677a

  • SSDEEP

    3072:LQDvyk5f0s6KrgIV7zPl6FmmCFe97MYfhhj0/792zY8//5R:MMKrfv0FT9Jfu92z

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\23bd471ca6a85ccb1a1719d13c3a57326afcf131a070f35f26ac3eb6ee6ea189.exe
    "C:\Users\Admin\AppData\Local\Temp\23bd471ca6a85ccb1a1719d13c3a57326afcf131a070f35f26ac3eb6ee6ea189.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1192

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1192-54-0x0000000000D20000-0x0000000000D42000-memory.dmp

          Filesize

          136KB

          Download

        • memory/1192-55-0x0000000000CD0000-0x0000000000D10000-memory.dmp

          Filesize

          256KB

          Download

        • memory/1192-56-0x0000000000CD0000-0x0000000000D10000-memory.dmp

          Filesize

          256KB

          Download