Overview

overview

5

Static

static

3

vim.exe

windows7-x64

1

vim.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    15-07-2023 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    vim.exe

  • Size

    2.9MB

  • MD5

    b863babddb3fc78dcf107d9a719f1657

  • SHA1

    c22ceaf166d10bdf094d78fd997fc30f02dfc238

  • SHA256

    730f9a47df6a76a197405127cbb9af53bc1955aaabb1a57d67bc5bf435288e3d

  • SHA512

    e4c4374dd8bbb6a6eabf3a55b829f69d6b12cc81e1ed40dfd07e7b1fe5aed85f675d3d2640d379cfc5c9bf5515aee98be73e1daec287a2ce91e5810023d32aa2

  • SSDEEP

    49152:LX85fmOZgz+i/tWzbAxCgn/QufVCJfU01g1yJuMsFQdB0QfyHxEDjWnzW:r89Dk+Tc+Jj1grtQTRfXWn

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\vim.exe
    "C:\Users\Admin\AppData\Local\Temp\vim.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads