fc6618113a61357e5923cee665d5a19467b05c579995f9de03c83ddd0e33b0ad

Analysis

max time kernel
143s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
03-10-2023 22:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fc6618113a61357e5923cee665d5a19467b05c579995f9de03c83ddd0e33b0ad.exe
Size

997KB
MD5

3477dd5e2037894c9d05e806edd1cae5
SHA1

6689d1d1bef1eb88d68dd0f1a1b1441254d6b012
SHA256

fc6618113a61357e5923cee665d5a19467b05c579995f9de03c83ddd0e33b0ad
SHA512

0ccb999a2e0bb010507de06646e07a062da87d9a59dd3988242941aed5e4bddc1866ce7aa4f57823204a3bd84f03cc8db25436b3c83b4cba6d3f60464aa6de82
SSDEEP

12288:sa9uR4ZvT0AGM7vAUpEU3M+2ZYnIlktSxi1/3:saYiPAszzIlkSxA/3

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeManageVolumePrivilege	4820	svchost.exe

C:\Users\Admin\AppData\Local\Temp\fc6618113a61357e5923cee665d5a19467b05c579995f9de03c83ddd0e33b0ad.exe
"C:\Users\Admin\AppData\Local\Temp\fc6618113a61357e5923cee665d5a19467b05c579995f9de03c83ddd0e33b0ad.exe"
1⤵
PID:4716

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
1⤵
PID:4528

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm

Filesize
16KB

MD5
4770be11384ca2e302f1cf61155f2be1

SHA1
1614d07622483d680015f403cd2611f80657be02

SHA256
ce62feac34c4dd45c09a611d76986b52da73785d13704274073c6bef81f3ad27

SHA512
694e4bfc8835f1c7b3337dd720d9aadb41ed29bccc9f282c8ff26a766a39b337a6b691025af29c712227d93d5e4d66e146737880d14ed8ee2a3582465ee44416

Download Submit
memory/4820-40-0x000001C2CA410000-0x000001C2CA411000-memory.dmp

Filesize
4KB

Download
memory/4820-33-0x000001C2CA410000-0x000001C2CA411000-memory.dmp

Filesize
4KB

Download
memory/4820-42-0x000001C2CA410000-0x000001C2CA411000-memory.dmp

Filesize
4KB

Download
memory/4820-34-0x000001C2CA410000-0x000001C2CA411000-memory.dmp

Filesize
4KB

Download
memory/4820-35-0x000001C2CA410000-0x000001C2CA411000-memory.dmp

Filesize
4KB

Download
memory/4820-36-0x000001C2CA410000-0x000001C2CA411000-memory.dmp

Filesize
4KB

Download
memory/4820-37-0x000001C2CA410000-0x000001C2CA411000-memory.dmp

Filesize
4KB

Download
memory/4820-38-0x000001C2CA410000-0x000001C2CA411000-memory.dmp

Filesize
4KB

Download
memory/4820-43-0x000001C2CA030000-0x000001C2CA031000-memory.dmp

Filesize
4KB

Download
memory/4820-0-0x000001C2C1D40000-0x000001C2C1D50000-memory.dmp

Filesize
64KB

Download
memory/4820-68-0x000001C2CA280000-0x000001C2CA281000-memory.dmp

Filesize
4KB

Download
memory/4820-32-0x000001C2CA3E0000-0x000001C2CA3E1000-memory.dmp

Filesize
4KB

Download
memory/4820-39-0x000001C2CA410000-0x000001C2CA411000-memory.dmp

Filesize
4KB

Download
memory/4820-44-0x000001C2CA020000-0x000001C2CA021000-memory.dmp

Filesize
4KB

Download
memory/4820-46-0x000001C2CA030000-0x000001C2CA031000-memory.dmp

Filesize
4KB

Download
memory/4820-49-0x000001C2CA020000-0x000001C2CA021000-memory.dmp

Filesize
4KB

Download
memory/4820-52-0x000001C2C9F60000-0x000001C2C9F61000-memory.dmp

Filesize
4KB

Download
memory/4820-16-0x000001C2C1E40000-0x000001C2C1E50000-memory.dmp

Filesize
64KB

Download
memory/4820-64-0x000001C2CA160000-0x000001C2CA161000-memory.dmp

Filesize
4KB

Download
memory/4820-66-0x000001C2CA170000-0x000001C2CA171000-memory.dmp

Filesize
4KB

Download
memory/4820-67-0x000001C2CA170000-0x000001C2CA171000-memory.dmp

Filesize
4KB

Download
memory/4820-41-0x000001C2CA410000-0x000001C2CA411000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads