85d1d1ca4d5881d9b98928c2006fb0eec9655e2705fe74088e6f974a19703f0f

Analysis

max time kernel
156s
max time network
169s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
02-08-2023 01:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

plutonium.exe
Size

4.6MB
MD5

72cb7c6d98e9e47274733825c9176679
SHA1

8681469349254c5203a7f9a189833d22a14f5cd9
SHA256

85d1d1ca4d5881d9b98928c2006fb0eec9655e2705fe74088e6f974a19703f0f
SHA512

d18d306ca9a311df1a96244ecc67a3e61ffc8b9b465a1301263e11d500cc2f38847e922c57d4a3321196d6ceb32310113d7d790b4dfb2c05c3ff1e2af26dc708
SSDEEP

98304:zUaMwIBAoUcmmxVA5/xDnLx0yu+5TeRXExXYAx:Ia+AobhATd0yH0RXUo2

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2444	plutonium.exe

C:\Users\Admin\AppData\Local\Temp\plutonium.exe
"C:\Users\Admin\AppData\Local\Temp\plutonium.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\Cab6EAD.tmp

Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar6EBF.tmp

Filesize
164KB

MD5
4ff65ad929cd9a367680e0e5b1c08166

SHA1
c0af0d4396bd1f15c45f39d3b849ba444233b3a2

SHA256
c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

SHA512
f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

Download Submit
memory/2444-72-0x0000000002850000-0x0000000002866000-memory.dmp

Filesize
88KB

Download
memory/2444-374-0x000000001AAC0000-0x000000001AAF2000-memory.dmp

Filesize
200KB

Download
memory/2444-58-0x0000000000830000-0x0000000000838000-memory.dmp

Filesize
32KB

Download
memory/2444-74-0x00000000028F0000-0x000000000290E000-memory.dmp

Filesize
120KB

Download
memory/2444-60-0x0000000000810000-0x000000000082A000-memory.dmp

Filesize
104KB

Download
memory/2444-61-0x0000000000840000-0x000000000084A000-memory.dmp

Filesize
40KB

Download
memory/2444-62-0x0000000000850000-0x000000000085A000-memory.dmp

Filesize
40KB

Download
memory/2444-63-0x000000001C0E0000-0x000000001C44C000-memory.dmp

Filesize
3.4MB

Download
memory/2444-64-0x00000000009E0000-0x0000000000A22000-memory.dmp

Filesize
264KB

Download
memory/2444-65-0x000000001C450000-0x000000001CCB6000-memory.dmp

Filesize
8.4MB

Download
memory/2444-67-0x00000000025C0000-0x00000000025E2000-memory.dmp

Filesize
136KB

Download
memory/2444-66-0x00000000026B0000-0x0000000002700000-memory.dmp

Filesize
320KB

Download
memory/2444-68-0x000000001ADA0000-0x000000001AE22000-memory.dmp

Filesize
520KB

Download
memory/2444-69-0x0000000002820000-0x0000000002846000-memory.dmp

Filesize
152KB

Download
memory/2444-70-0x0000000002620000-0x0000000002628000-memory.dmp

Filesize
32KB

Download
memory/2444-71-0x0000000002700000-0x0000000002708000-memory.dmp

Filesize
32KB

Download
memory/2444-54-0x00000000002C0000-0x0000000000768000-memory.dmp

Filesize
4.7MB

Download
memory/2444-73-0x0000000002710000-0x000000000271A000-memory.dmp

Filesize
40KB

Download
memory/2444-59-0x0000000000800000-0x000000000080C000-memory.dmp

Filesize
48KB

Download
memory/2444-57-0x00000000027A0000-0x0000000002820000-memory.dmp

Filesize
512KB

Download
memory/2444-77-0x0000000002910000-0x000000000291A000-memory.dmp

Filesize
40KB

Download
memory/2444-76-0x0000000002910000-0x000000000291A000-memory.dmp

Filesize
40KB

Download
memory/2444-78-0x0000000002720000-0x00000000027A0000-memory.dmp

Filesize
512KB

Download
memory/2444-79-0x0000000002720000-0x00000000027A0000-memory.dmp

Filesize
512KB

Download
memory/2444-80-0x000007FEF5C00000-0x000007FEF65EC000-memory.dmp

Filesize
9.9MB

Download
memory/2444-81-0x0000000002720000-0x00000000027A0000-memory.dmp

Filesize
512KB

Download
memory/2444-82-0x000000001B960000-0x000000001B961000-memory.dmp

Filesize
4KB

Download
memory/2444-86-0x0000000002720000-0x00000000027A0000-memory.dmp

Filesize
512KB

Download
memory/2444-92-0x0000000002910000-0x000000000291A000-memory.dmp

Filesize
40KB

Download
memory/2444-97-0x0000000002720000-0x00000000027A0000-memory.dmp

Filesize
512KB

Download
memory/2444-99-0x0000000002720000-0x00000000027A0000-memory.dmp

Filesize
512KB

Download
memory/2444-101-0x0000000002720000-0x00000000027A0000-memory.dmp

Filesize
512KB

Download
memory/2444-56-0x0000000002720000-0x00000000027A0000-memory.dmp

Filesize
512KB

Download
memory/2444-55-0x000007FEF5C00000-0x000007FEF65EC000-memory.dmp

Filesize
9.9MB

Download
memory/2444-373-0x000000001AB80000-0x000000001ABF6000-memory.dmp

Filesize
472KB

Download
memory/2444-75-0x000000001B900000-0x000000001B928000-memory.dmp

Filesize
160KB

Download
memory/2444-375-0x000007FEF5C00000-0x000007FEF65EC000-memory.dmp

Filesize
9.9MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads