Overview

overview

1

Static

static

1

YOLO_ Real...n.html

windows10-2004-x64

1

Resubmissions

13/07/2023, 12:46

230713-pzw8nsgf96 1

13/07/2023, 12:46

230713-pzn73ahe9w 5

13/07/2023, 12:42

230713-pxlzxsgf84 1

Analysis

  • max time kernel
    143s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/07/2023, 12:46

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    YOLO_ Real-Time Object Detection.html

  • Size

    21KB

  • MD5

    392353b25ce509dcdef67067fe1caad2

  • SHA1

    d3492854814b0270b9f3f4c251ccbb06eb43ff44

  • SHA256

    218e7dadc84c119ee83f28cbcb0eeccbbb0ec5e16ebd98ab4cbbb33459269d77

  • SHA512

    6caa7a4c3dfc48862e456eab896418d085a77ca2138a30d9684bc6bea6fae86f5c25f8d1fb3589269edbc074bc6aa25a0e0fd83fdf53c54db5deb6a7ba738f7e

  • SSDEEP

    384:W5iVuzld0Ra+uo7kJTmTdSTUScTpdatdO/Vcoz+fSW52MODYRoOyC:W5iVyldl+uo7kJTodSTUTT/azkdW52v0

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    powershell start shell:Appsfolder\Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge "C:\Users\Admin\AppData\Local\Temp\YOLO_ Real-Time Object Detection.html"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2604

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_lwyapnwj.lki.ps1
          Filesize

          60B

          MD5

          d17fe0a3f47be24a6453e9ef58c94641

          SHA1

          6ab83620379fc69f80c0242105ddffd7d98d5d9d

          SHA256

          96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

          SHA512

          5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

          Download Submit

        • memory/2604-142-0x0000014E3C520000-0x0000014E3C542000-memory.dmp

          Filesize

          136KB

          Download

        • memory/2604-143-0x00007FF903B90000-0x00007FF904651000-memory.dmp

          Filesize

          10.8MB

          Download

        • memory/2604-145-0x0000014E3C3E0000-0x0000014E3C3F0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2604-144-0x0000014E3C3E0000-0x0000014E3C3F0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2604-148-0x0000014E3C6D0000-0x0000014E3C81E000-memory.dmp

          Filesize

          1.3MB

          Download

        • memory/2604-149-0x00007FF903B90000-0x00007FF904651000-memory.dmp

          Filesize

          10.8MB

          Download