Overview

overview

3

Static

static

3

mw_fixer_upd.exe

windows7-x64

1

mw_fixer_upd.exe

windows10-2004-x64

1

Resubmissions

27-06-2023 13:16

230627-qh3vkafa7x 3

27-06-2023 11:49

230627-ny2lbsdh78 3

27-06-2023 11:04

230627-m6rknadg99 3

27-06-2023 10:54

230627-mzt27sdg87 4

27-06-2023 10:46

230627-mt2vvsdg72 3

27-06-2023 10:40

230627-mqwjnsef9w 3

27-06-2023 10:34

230627-ml65lsef8t 8

27-06-2023 10:25

230627-mf5dtsdg32 3

27-06-2023 10:20

230627-mdlhyaef6w 3

27-06-2023 10:10

230627-l7twqsdf86 3

Analysis

  • max time kernel
    91s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230621-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-06-2023 09:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mw_fixer_upd.exe

  • Size

    1.4MB

  • MD5

    b71ceec4d2fa2b92317a2cf5b6da57d2

  • SHA1

    13ffc0de36ced78ac6265a2218eaab9febd2ec37

  • SHA256

    dc1f4cfd064c60ac539523c4154729bf6582f5f0a90e58411155c4ad94a80739

  • SHA512

    3ad188dd6596b35053607c0eeeb0fa780475c633ada516ac043c39cd3d381f482abc1af72732aa199a673a9fa3ef446cad190e37aea8511e65e450200d7f2aaf

  • SSDEEP

    24576:H+HmINIU4dInPT2LgQgkzBdsRfOndZEEbZjH+B1LJ:H+GaIU4dSaL/Jz3n3DeBF

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\mw_fixer_upd.exe
    "C:\Users\Admin\AppData\Local\Temp\mw_fixer_upd.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3844
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    1⤵
      PID:3996
    • C:\Users\Admin\AppData\Local\Temp\mw_fixer_upd.exe
      "C:\Users\Admin\AppData\Local\Temp\mw_fixer_upd.exe"
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:4260

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\mw_fixer_upd.exe.log
      Filesize

      1KB

      MD5

      5cb90c90e96a3b36461ed44d339d02e5

      SHA1

      5508281a22cca7757bc4fbdb0a8e885c9f596a04

      SHA256

      34c15d8e79fef4bddec7e34f3426df3b68f8fc6deac29ea12d110f6c529fe3bb

      SHA512

      63735938c841c28824e3482559df18839930acc5ea8600b1074439b70a2f600a92f41593568e49991f25f079e7f7361b4f1678feadbf004f6e9e4d51d36598d4

      Download Submit

    • memory/3844-133-0x0000000000F80000-0x00000000010EA000-memory.dmp

      Filesize

      1.4MB

      Download

    • memory/3844-134-0x000000001BE30000-0x000000001BE40000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4260-137-0x000000001B140000-0x000000001B150000-memory.dmp

      Filesize

      64KB

      Download