Overview

overview

6

Static

static

1

AppInstaller 11.6.exe

windows7-x64

1

AppInstaller 11.6.exe

windows10-2004-x64

6

Resubmissions

04/07/2023, 04:52

230704-fhwq5sbb42 6

04/07/2023, 04:45

230704-fds5fsbb28 6

Analysis

  • max time kernel
    27s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2023, 04:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AppInstaller 11.6.exe

  • Size

    20.0MB

  • MD5

    bc4915dd472d41ab5aa5bb7d64a6be86

  • SHA1

    f5892a4ea271ed22c391efe41473211165db2b70

  • SHA256

    1c7dfa1e4b1ab71105b75c8a75af52317e901f7160e28765303da7f7988fa8da

  • SHA512

    4a7901e2018c800b86761a660a77a88b99189b0bd50875eb41363fc24649033687d13d36bafb622ca049db1846635a20034944a8c9b71291bd87e6006a7b0118

  • SSDEEP

    393216:2kJvkICSBwFjNiiFz62aBUyx7Whgt6sS1RT01snRzP9pzXo:ZJsICS8JrzhaBLJWiUsEB01snt9pzX

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 7 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AppInstaller 11.6.exe
    "C:\Users\Admin\AppData\Local\Temp\AppInstaller 11.6.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2396

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2396-54-0x0000000000190000-0x0000000000191000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-55-0x0000000000190000-0x0000000000191000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-56-0x0000000000190000-0x0000000000191000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-57-0x00000000001A0000-0x00000000001A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-58-0x00000000001A0000-0x00000000001A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-59-0x00000000001A0000-0x00000000001A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-60-0x00000000001F0000-0x00000000001F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-61-0x00000000001F0000-0x00000000001F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-62-0x00000000001F0000-0x00000000001F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-64-0x0000000000200000-0x0000000000201000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-65-0x0000000000200000-0x0000000000201000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-67-0x0000000000250000-0x0000000000251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-68-0x0000000000250000-0x0000000000251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-70-0x0000000000260000-0x0000000000261000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-71-0x0000000000260000-0x0000000000261000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-73-0x0000000000270000-0x0000000000271000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-74-0x0000000000270000-0x0000000000271000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2396-75-0x0000000000920000-0x000000000293D000-memory.dmp

    Filesize

    32.1MB

    Download