Overview

overview

3

Static

static

3

41ff14d970...ec.exe

windows7-x64

1

41ff14d970...ec.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    18/09/2023, 01:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    41ff14d970caf2f4662ee223327fe591391f253855b91d70436f432a53da4aec.exe

  • Size

    10.0MB

  • MD5

    359622d861f14d9792c46249c4585e81

  • SHA1

    5e257d6e6142adcc739b6fe6cef659409230cac0

  • SHA256

    41ff14d970caf2f4662ee223327fe591391f253855b91d70436f432a53da4aec

  • SHA512

    e2be47bc2ca3231efdcbded700955c56a8728548d3df926acff6b0385644282f495b485ed3999c620e72f6c6334380b1533a53df166a4b1cab9e0a169d5eaa80

  • SSDEEP

    196608:JhtWb2Gnf+2gIYbHeBM1eEpRr6rSNJSiAgHbOnQlnyb+kMSAWSspriN/P:ftWNdgFbHk1EpR+GNlA+KUkMSAWSgriR

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\41ff14d970caf2f4662ee223327fe591391f253855b91d70436f432a53da4aec.exe
    "C:\Users\Admin\AppData\Local\Temp\41ff14d970caf2f4662ee223327fe591391f253855b91d70436f432a53da4aec.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2160

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\41ff14d970caf2f4662ee223327fe591391f253855b91d70436f432a53da4aec.exepack.tmp
          Filesize

          2KB

          MD5

          1618120d47974256f1523d8fad891704

          SHA1

          179e5243c89a70e9d7a7beeadedd361b3c646ab0

          SHA256

          d3a8fb8276852b1c5c43ed5f32d8a512259e974ccde00cd708f27f7dec0a410a

          SHA512

          1ba09fe328b285ea6291831cc8d5250c858fda1f46cfd1ebb79c71fb075add5866e2627d622972ab39d236946a6d835adbf67ebe59f19caad21f4739dd13509d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\4a0d307681c76db110c27edfd0c0c901.ini
          Filesize

          1KB

          MD5

          bf6f565e5fd2f486d8452fcfba184cf1

          SHA1

          7d431f1d319744cb57bedd4900d63d7cd00bee74

          SHA256

          82424499de69475fc2712b2215ef5be6a97c2ab2bf0cb3c5ded03a269641cba1

          SHA512

          2616f664665dc3574282067ccf3970c3940e53f4f2bfbeb012148dfb0b1f16169f61653a5e60ca8d4182e925922dd91c5fe598ed6d5e2c2d7dd9d631bd7795c8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\4a0d307681c76db110c27edfd0c0c901A.ini
          Filesize

          1KB

          MD5

          f570533c0855e862bf1b13fe8cc60906

          SHA1

          daf0d9fa18f267ac5794f8f05893061aa1daf20a

          SHA256

          d570de82e6ebc6088ba8f6dcb4748773997a3e51f6e557d98af4dcf562cb95e4

          SHA512

          73ebb27dcd41aad0d7fa8f644da5ea094aa27667d1ad78442637839e0557ca7fb94c3ae1e0c57bce01dac98ce294a769a77cbc808aa3b746fd81a5c444291b77

          Download Submit

        • memory/2160-354-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-356-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-2-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-1-0x0000000000250000-0x0000000000253000-memory.dmp

          Filesize

          12KB

          Download

        • memory/2160-349-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-350-0x0000000000250000-0x0000000000253000-memory.dmp

          Filesize

          12KB

          Download

        • memory/2160-351-0x0000000050000000-0x0000000050109000-memory.dmp

          Filesize

          1.0MB

          Download

        • memory/2160-352-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-353-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-0-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-355-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-5-0x0000000050000000-0x0000000050109000-memory.dmp

          Filesize

          1.0MB

          Download

        • memory/2160-357-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-358-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-359-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-360-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-361-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-362-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-363-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-364-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download

        • memory/2160-365-0x0000000000400000-0x0000000001DF3000-memory.dmp

          Filesize

          25.9MB

          Download