Analysis

  • max time kernel
    144s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230703-en locale:en-us os:windows10-2004-x64 system
  • submitted
    14/07/2023, 21:24

General

  • Target

    spoofer.exe

  • Size

    46KB

  • MD5

    8bca0d339dc5406f7b473d2d9d613d8d

  • SHA1

    849f161bbfc3258ad12554bc28b886438fca4b2b

  • SHA256

    461488dac225040638ea77dc0975f38b2ed72186d3485f800ee613617e3f46c0

  • SHA512

    cdb869e4b8b98fb3fc2b210cb1f3744c4febaa91076d25ffa4e388f318253782107320eb95a636e9802c215451f6f0e4ea63dd0f69b466f9c45d21d0d75c6934

  • SSDEEP

    768:2/3ycTl8SgNVbbATYsBdEgBg8nw9IxF5uek7SkqQ9MYmBYc3qeU:2/5+SybAT1ByIxWl7b9CQeU

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\spoofer.exe
    "C:\Users\Admin\AppData\Local\Temp\spoofer.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:3456

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/3456-133-0x0000000074DB0000-0x0000000075560000-memory.dmp

          Filesize

          7.7MB

        • memory/3456-134-0x0000000000DA0000-0x0000000000DB0000-memory.dmp

          Filesize

          64KB

        • memory/3456-135-0x00000000094C0000-0x0000000009A64000-memory.dmp

          Filesize

          5.6MB

        • memory/3456-136-0x0000000074DB0000-0x0000000075560000-memory.dmp

          Filesize

          7.7MB