Analysis
-
max time kernel
106s -
max time network
98s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
08-06-2023 20:18
General
-
Target
v2.4_2023/Setup.exe
-
Size
1MB
-
MD5
b48edb144a48bd29e3078b1a06258bf9
-
SHA1
d82508bbb08a2600ae61ee3c642992823cb5eae6
-
SHA256
c05c7ec4570bfc44e87f6e6efc83643b47a378bb088c53da4c5ecf7b93194dc6
-
SHA512
4fa787d3e3d6eb722bb623616751d18cec8f8a4427c33fc5d12d354d40d05f90b35afa9d735b2fbb551dc2f0ebb85d694d87bc2cac4ffb9d7b7fc997f73f6be0
-
SSDEEP
24576:QvCy4ovy82hVPV8+QkKY54+Lfy24N5j5Q+0Htnl:ryCLVq+QmySRv+0N
Score
5/10
Malware Config
Signatures
-
Suspicious use of SetThreadContext 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of WriteProcessMemory 13 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\v2.4_2023\Setup.exe"C:\Users\Admin\AppData\Local\Temp\v2.4_2023\Setup.exe"
- Suspicious use of SetThreadContext
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
Network
MITRE ATT&CK Matrix
Replay Monitor
00:00
00:00
Downloads
-
memory/576-57-0x0000000000400000-0x000000000043F000-memory.dmpFilesize
252KB
-
memory/576-59-0x0000000000400000-0x000000000043F000-memory.dmpFilesize
252KB
-
memory/576-60-0x0000000000400000-0x000000000043F000-memory.dmpFilesize
252KB
-
memory/1216-54-0x0000000000210000-0x000000000033A000-memory.dmpFilesize
1MB
-
memory/1216-55-0x0000000000720000-0x00000000007A0000-memory.dmpFilesize
512KB
-
memory/1216-56-0x000000001B1B0000-0x000000001B232000-memory.dmpFilesize
520KB