Overview

overview

10

Static

static

10

Hex-Rays I...te.exe

windows10-2004-x64

1

Hex-Rays I...64.exe

windows10-2004-x64

1

Hex-Rays I...da.exe

windows10-2004-x64

1

Hex-Rays I...64.exe

windows10-2004-x64

1

Hex-Rays I...ch.exe

windows10-2004-x64

1

Hex-Rays I...at.exe

windows10-2004-x64

1

Hex-Rays I...64.exe

windows10-2004-x64

1

Hex-Rays I...ph.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    18s
  • max time network
    73s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230621-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-07-2023 22:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Hex-Rays IDA Professional Advanced Floating And Decompiler Full Activated/dbgsrv/win32_remote.exe

  • Size

    713KB

  • MD5

    ed16388d2796c93b705d6f4c98f16259

  • SHA1

    b546c201eb04d4ffdd9dd02d0925d7667b286541

  • SHA256

    4d0782fac17baa4b91c8ec36b2d28398656f9fbd858135be2d418323c1c6648f

  • SHA512

    ec9060adcfe0a3a9db19692f5f88402838cc6f5a286b34124c38cc9cf6ee45bc57dacedb9f432f5a705040d3af442fe27b02ac23da73452bec8c39cb93022274

  • SSDEEP

    12288:riygK09BFg1M7J8JjBGYaRCCm0qPZwtY6CpJg4Kg+3PuK3JhJ6LaT/D270gFU:rafOCmzwtY1EfuK3f8LaTb8P

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Hex-Rays IDA Professional Advanced Floating And Decompiler Full Activated\dbgsrv\win32_remote.exe
    "C:\Users\Admin\AppData\Local\Temp\Hex-Rays IDA Professional Advanced Floating And Decompiler Full Activated\dbgsrv\win32_remote.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:5100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads