02b4c46c209ed74bcfdd68e227cdeab401208da70e435bc86786fccd5f3e020f

Analysis

max time kernel
119s
max time network
132s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
02-10-2023 11:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

82ddc4754e1b1e2e877202f725d89726b8f4d909fc0a153234e3bb7e7a4a8b9f.exe
Size

3.9MB
MD5

5bc54b1323295686e57cb8f4bbfb934f
SHA1

193a9731fa3d2503202529c3335690f928597475
SHA256

82ddc4754e1b1e2e877202f725d89726b8f4d909fc0a153234e3bb7e7a4a8b9f
SHA512

dd86fc44b3ef776cbd85bebbe6a9c5bfdf8d15b13167192c900d1549969529016019b28e331ca216bad1ed632347b7d24d3863f860e08f51594d948d57d69eca
SSDEEP

98304:ABzjYz067yqu/mnFQOi33nFbO4KSgPTPgS8NAvKBUuY8cvwu3707iQMMvozFVrwO:J2vhBwM2dK

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2968	82ddc4754e1b1e2e877202f725d89726b8f4d909fc0a153234e3bb7e7a4a8b9f.exe
2968	82ddc4754e1b1e2e877202f725d89726b8f4d909fc0a153234e3bb7e7a4a8b9f.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2968	82ddc4754e1b1e2e877202f725d89726b8f4d909fc0a153234e3bb7e7a4a8b9f.exe

C:\Users\Admin\AppData\Local\Temp\82ddc4754e1b1e2e877202f725d89726b8f4d909fc0a153234e3bb7e7a4a8b9f.exe
"C:\Users\Admin\AppData\Local\Temp\82ddc4754e1b1e2e877202f725d89726b8f4d909fc0a153234e3bb7e7a4a8b9f.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2968

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2968-0-0x00000000003B0000-0x000000000079C000-memory.dmp

Filesize
3.9MB

Download
memory/2968-1-0x000007FEF5BE0000-0x000007FEF65CC000-memory.dmp

Filesize
9.9MB

Download
memory/2968-2-0x000000001B160000-0x000000001B1E0000-memory.dmp

Filesize
512KB

Download
memory/2968-3-0x0000000000240000-0x0000000000250000-memory.dmp

Filesize
64KB

Download
memory/2968-4-0x0000000000270000-0x0000000000296000-memory.dmp

Filesize
152KB

Download
memory/2968-5-0x0000000000310000-0x000000000031E000-memory.dmp

Filesize
56KB

Download
memory/2968-6-0x0000000000320000-0x0000000000330000-memory.dmp

Filesize
64KB

Download
memory/2968-7-0x0000000000910000-0x000000000091A000-memory.dmp

Filesize
40KB

Download
memory/2968-8-0x0000000000920000-0x0000000000932000-memory.dmp

Filesize
72KB

Download
memory/2968-9-0x0000000002440000-0x00000000024BC000-memory.dmp

Filesize
496KB

Download
memory/2968-10-0x000000001B010000-0x000000001B0C0000-memory.dmp

Filesize
704KB

Download
memory/2968-11-0x000000001B0C0000-0x000000001B10A000-memory.dmp

Filesize
296KB

Download
memory/2968-12-0x0000000000970000-0x0000000000978000-memory.dmp

Filesize
32KB

Download
memory/2968-14-0x0000000000930000-0x000000000093A000-memory.dmp

Filesize
40KB

Download
memory/2968-15-0x0000000000940000-0x000000000094A000-memory.dmp

Filesize
40KB

Download
memory/2968-17-0x000000001AAD0000-0x000000001AAF8000-memory.dmp

Filesize
160KB

Download
memory/2968-16-0x0000000000960000-0x000000000096C000-memory.dmp

Filesize
48KB

Download
memory/2968-18-0x00000000024C0000-0x00000000024CC000-memory.dmp

Filesize
48KB

Download
memory/2968-19-0x000000001AED0000-0x000000001AEEA000-memory.dmp

Filesize
104KB

Download
memory/2968-20-0x000000001B110000-0x000000001B13C000-memory.dmp

Filesize
176KB

Download
memory/2968-21-0x000000001B740000-0x000000001B7C2000-memory.dmp

Filesize
520KB

Download
memory/2968-24-0x0000000000990000-0x000000000099A000-memory.dmp

Filesize
40KB

Download
memory/2968-23-0x0000000000990000-0x000000000099A000-memory.dmp

Filesize
40KB

Download
memory/2968-22-0x000000001AEF0000-0x000000001AEF8000-memory.dmp

Filesize
32KB

Download
memory/2968-25-0x000000001B7C0000-0x000000001B7FA000-memory.dmp

Filesize
232KB

Download
memory/2968-26-0x000000001B160000-0x000000001B1E0000-memory.dmp

Filesize
512KB

Download
memory/2968-27-0x0000000000980000-0x000000000098A000-memory.dmp

Filesize
40KB

Download
memory/2968-28-0x00000000024D0000-0x00000000024DE000-memory.dmp

Filesize
56KB

Download
memory/2968-29-0x000000001AF00000-0x000000001AF0C000-memory.dmp

Filesize
48KB

Download
memory/2968-30-0x000000001B150000-0x000000001B15E000-memory.dmp

Filesize
56KB

Download
memory/2968-33-0x000007FEF5BE0000-0x000007FEF65CC000-memory.dmp

Filesize
9.9MB

Download
memory/2968-34-0x000000001B9F0000-0x000000001B9F1000-memory.dmp

Filesize
4KB

Download
memory/2968-35-0x000000001B160000-0x000000001B1E0000-memory.dmp

Filesize
512KB

Download
memory/2968-36-0x000000001BB50000-0x000000001BBC6000-memory.dmp

Filesize
472KB

Download
memory/2968-37-0x000000001BA00000-0x000000001BA26000-memory.dmp

Filesize
152KB

Download
memory/2968-38-0x000000001B930000-0x000000001B946000-memory.dmp

Filesize
88KB

Download
memory/2968-39-0x000000001B160000-0x000000001B1E0000-memory.dmp

Filesize
512KB

Download
memory/2968-40-0x000000001BA30000-0x000000001BA3A000-memory.dmp

Filesize
40KB

Download
memory/2968-41-0x0000000000990000-0x000000000099A000-memory.dmp

Filesize
40KB

Download
memory/2968-42-0x0000000000990000-0x000000000099A000-memory.dmp

Filesize
40KB

Download
memory/2968-43-0x000000001B160000-0x000000001B1E0000-memory.dmp

Filesize
512KB

Download
memory/2968-44-0x000000001B160000-0x000000001B1E0000-memory.dmp

Filesize
512KB

Download