Overview

overview

1

Static

static

1

DesktopInfo64.exe

windows7-x64

1

DesktopInfo64.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/08/2023, 08:40

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    DesktopInfo64.exe

  • Size

    6.5MB

  • MD5

    0f78d88978c07c80e0b985f659f45337

  • SHA1

    a720afae3f346ef6aff0f64d47202b1c02657874

  • SHA256

    faa412f860119a6e530e50e921ad9d74005737831a148620c42209376d7a2c1d

  • SHA512

    f7bda4861ff37fce6914542470c0c591f381a0fb3461376ff1b3fefe8cfe21fa2af637fd9393e506668bc522b13508f4b3a0b2af8fa12a91db5abd29ca8942cd

  • SSDEEP

    49152:Dktch9L/4XvMQIOYE/u3OSkiyJV4NpCTucPv0uURhOQMHy51fVgZT3F+1:Cw78IQTXU

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 56 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DesktopInfo64.exe
    "C:\Users\Admin\AppData\Local\Temp\DesktopInfo64.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1312
  • C:\Windows\system32\wbem\WmiApSrv.exe
    C:\Windows\system32\wbem\WmiApSrv.exe
    1⤵
      PID:112

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1312-133-0x0000000000AC0000-0x0000000000AC1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/1312-136-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-137-0x0000000000AC0000-0x0000000000AC1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/1312-138-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-139-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-140-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-141-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-142-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-143-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-144-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-145-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-146-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-147-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-148-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-149-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download

          • memory/1312-150-0x0000000000400000-0x0000000000A92000-memory.dmp

            Filesize

            6.6MB

            Download