942dc34e908c79f017a488c349ee4702f6a4e55d1e34210bd94152a4d0e97d70

Analysis

max time kernel
142s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
09/10/2023, 12:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe
Size

596KB
MD5

30c6d61fa32db6ae04fe3a3deaa94ba9
SHA1

9138ed7bb8254ccbd18b70f50027a2c8b5df131b
SHA256

942dc34e908c79f017a488c349ee4702f6a4e55d1e34210bd94152a4d0e97d70
SHA512

ffdeb487b69d0bdad72397e39611677861aa568212cc3c07b2fb76b4dcedca44b03542f894012bf7569aac35139cc45f1f475dedbcbc43c8cfcab8d007a4b23f
SSDEEP

12288:zMYnQ3j67SESV1eXl8OhA90NrGSCTrVnHYQMe3Fet/h8xGY1U5wVfz1Zp2rXXpSn:zBi1nHYQMCC9YZ1jEMPAFg

Score

5^/10

Malware Config

Signatures

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4908 set thread context of 4312	4908	SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe	86

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4312	SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe
4312	SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4908	SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 4908 wrote to memory of 4312	4908	SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe	86
PID 4908 wrote to memory of 4312	4908	SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe	86
PID 4908 wrote to memory of 4312	4908	SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe	86
PID 4908 wrote to memory of 4312	4908	SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe	86
PID 4908 wrote to memory of 4312	4908	SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe	86
PID 4908 wrote to memory of 4312	4908	SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe	86

C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe
"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:4908
- C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe
  "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.Inject4.61718.1564.16740.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4312

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4312-61-0x0000000000400000-0x000000000043A000-memory.dmp

Filesize
232KB

Download
memory/4312-64-0x00000000017D0000-0x0000000001B1A000-memory.dmp

Filesize
3.3MB

Download
memory/4312-65-0x0000000000400000-0x000000000043A000-memory.dmp

Filesize
232KB

Download
memory/4908-30-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-34-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-5-0x0000000005670000-0x00000000059C4000-memory.dmp

Filesize
3.3MB

Download
memory/4908-6-0x0000000005560000-0x0000000005572000-memory.dmp

Filesize
72KB

Download
memory/4908-8-0x00000000055C0000-0x00000000055D0000-memory.dmp

Filesize
64KB

Download
memory/4908-7-0x0000000005580000-0x00000000055AA000-memory.dmp

Filesize
168KB

Download
memory/4908-9-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-10-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-12-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-36-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-16-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-22-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-20-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-24-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-18-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-26-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-28-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-0-0x0000000000A00000-0x0000000000A9C000-memory.dmp

Filesize
624KB

Download
memory/4908-4-0x00000000055D0000-0x0000000005662000-memory.dmp

Filesize
584KB

Download
memory/4908-32-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-14-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-38-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-40-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-42-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-44-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-46-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-48-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-50-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-52-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-54-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-56-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-58-0x0000000005580000-0x00000000055A3000-memory.dmp

Filesize
140KB

Download
memory/4908-59-0x00000000059D0000-0x00000000059D1000-memory.dmp

Filesize
4KB

Download
memory/4908-60-0x0000000005AC0000-0x0000000005B5C000-memory.dmp

Filesize
624KB

Download
memory/4908-3-0x0000000005B80000-0x0000000006124000-memory.dmp

Filesize
5.6MB

Download
memory/4908-63-0x0000000074F20000-0x00000000756D0000-memory.dmp

Filesize
7.7MB

Download
memory/4908-2-0x0000000005480000-0x0000000005506000-memory.dmp

Filesize
536KB

Download
memory/4908-1-0x0000000074F20000-0x00000000756D0000-memory.dmp

Filesize
7.7MB

Download