91eb973a8bafa8cb19d6adc7dae4e547314472bfb48869cceccb2fb926280d94

Analysis

max time kernel
140s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
29/06/2023, 12:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

infected.zip
Size

3.1MB
MD5

ed173034fcbfce973004a5df16cc23b8
SHA1

d3466332928236fd7e40f830f67f9c09a283eb33
SHA256

91eb973a8bafa8cb19d6adc7dae4e547314472bfb48869cceccb2fb926280d94
SHA512

5882a5b36bbb59d69bc7d3ffca22c383ef4394b282cdb444fdeed3c6692d712f8d5fc03f6ffd66a1e6bc951082b6a16321414e7f11e0e746823a2c19b5658203
SSDEEP

98304:TQDT4oks464/7yLyxMk1OM32nN2Bs6PMVWCXFIjLYv:TQDT4uwymxPanj6PMVHh

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeManageVolumePrivilege	4148	svchost.exe

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\infected.zip
1⤵
PID:2456

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4148-133-0x0000026282AB0000-0x0000026282AC0000-memory.dmp

Filesize
64KB

Download
memory/4148-149-0x0000026282BB0000-0x0000026282BC0000-memory.dmp

Filesize
64KB

Download
memory/4148-165-0x000002628B1A0000-0x000002628B1A1000-memory.dmp

Filesize
4KB

Download
memory/4148-166-0x000002628B1C0000-0x000002628B1C1000-memory.dmp

Filesize
4KB

Download
memory/4148-167-0x000002628B1C0000-0x000002628B1C1000-memory.dmp

Filesize
4KB

Download
memory/4148-168-0x000002628B1C0000-0x000002628B1C1000-memory.dmp

Filesize
4KB

Download
memory/4148-169-0x000002628B1C0000-0x000002628B1C1000-memory.dmp

Filesize
4KB

Download
memory/4148-170-0x000002628B1C0000-0x000002628B1C1000-memory.dmp

Filesize
4KB

Download
memory/4148-171-0x000002628B1C0000-0x000002628B1C1000-memory.dmp

Filesize
4KB

Download
memory/4148-172-0x000002628B1C0000-0x000002628B1C1000-memory.dmp

Filesize
4KB

Download
memory/4148-173-0x000002628B1C0000-0x000002628B1C1000-memory.dmp

Filesize
4KB

Download
memory/4148-174-0x000002628B1C0000-0x000002628B1C1000-memory.dmp

Filesize
4KB

Download
memory/4148-175-0x000002628B1C0000-0x000002628B1C1000-memory.dmp

Filesize
4KB

Download
memory/4148-176-0x000002628ADF0000-0x000002628ADF1000-memory.dmp

Filesize
4KB

Download
memory/4148-177-0x000002628ADE0000-0x000002628ADE1000-memory.dmp

Filesize
4KB

Download
memory/4148-179-0x000002628ADF0000-0x000002628ADF1000-memory.dmp

Filesize
4KB

Download
memory/4148-182-0x000002628ADE0000-0x000002628ADE1000-memory.dmp

Filesize
4KB

Download
memory/4148-185-0x000002628AD20000-0x000002628AD21000-memory.dmp

Filesize
4KB

Download
memory/4148-197-0x000002628AF20000-0x000002628AF21000-memory.dmp

Filesize
4KB

Download
memory/4148-199-0x000002628AF30000-0x000002628AF31000-memory.dmp

Filesize
4KB

Download
memory/4148-200-0x000002628AF30000-0x000002628AF31000-memory.dmp

Filesize
4KB

Download
memory/4148-201-0x000002628B040000-0x000002628B041000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads