Analysis

  • max time kernel
    141s
  • max time network
    163s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-10-2023 06:59

General

  • Target

    Cogmz.exe

  • Size

    38KB

  • MD5

    e416dceae6981f686ceb3512fb9257ee

  • SHA1

    80e6b4c52c237a38115ed66d411666b5eb386f5f

  • SHA256

    4b6d052e0cd9a90f541d02c4b7e4a1ac9ab5f0a8d15912a90d3b73f7d0551ab7

  • SHA512

    b283f873409d217b893a360fdb46a80af29e679db05d4c5bad14b5b0fd8c12ff63c709a1aae7af30b1c2773a7800aadbc2d039d441e6495152ef8fc09eb7a9d3

  • SSDEEP

    384:F9d//WyPvQGb5bKIYuVIyCHzR96L9HE7Uai8kh51g8PxlKCDmmlUh:9zb5WIYuV5O4N26HpQo92

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Cogmz.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\Cogmz.exe"
    PID: 1676
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1676-0-0x0000000000E90000-0x0000000000E9C000-memory.dmp
    Filesize: 48KB

  • memory/1676-1-0x000007FEF5490000-0x000007FEF5E7C000-memory.dmp
    Filesize: 9.9MB

  • memory/1676-2-0x00000000024C0000-0x0000000002540000-memory.dmp
    Filesize: 512KB

  • memory/1676-3-0x000007FEF5490000-0x000007FEF5E7C000-memory.dmp
    Filesize: 9.9MB

  • memory/1676-4-0x00000000024C0000-0x0000000002540000-memory.dmp
    Filesize: 512KB
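The memory dump names above encode the PID, a capture index and the start/end virtual addresses of the dumped region, so the listed Filesize can be checked against the address range and repeated ranges (the same region captured twice, here indices 1/3 and 2/4) can be spotted before anything is loaded into a disassembler. The script below is an added example, not part of the sandbox report or its tooling; the dump entries are copied from the Downloads list, the empty-input hash values used for self-checking are constructed test data, and the address-range heuristic is an assumption noted in the comments.

```python
import hashlib
import re
from collections import defaultdict

# Dump file names and stated sizes, copied from the report's Downloads section.
REPORT_DUMPS = [
    ("memory/1676-0-0x0000000000E90000-0x0000000000E9C000-memory.dmp", "48KB"),
    ("memory/1676-1-0x000007FEF5490000-0x000007FEF5E7C000-memory.dmp", "9.9MB"),
    ("memory/1676-2-0x00000000024C0000-0x0000000002540000-memory.dmp", "512KB"),
    ("memory/1676-3-0x000007FEF5490000-0x000007FEF5E7C000-memory.dmp", "9.9MB"),
    ("memory/1676-4-0x00000000024C0000-0x0000000002540000-memory.dmp", "512KB"),
]

# Hashes of the submitted sample, copied from the report's General section.
REPORT_HASHES = {
    "md5": "e416dceae6981f686ceb3512fb9257ee",
    "sha1": "80e6b4c52c237a38115ed66d411666b5eb386f5f",
    "sha256": "4b6d052e0cd9a90f541d02c4b7e4a1ac9ab5f0a8d15912a90d3b73f7d0551ab7",
}

# <pid>-<index>-0x<start>-0x<end>-memory.dmp
DUMP_RE = re.compile(
    r"memory/(\d+)-(\d+)-0x([0-9A-Fa-f]+)-0x([0-9A-Fa-f]+)-memory\.dmp$"
)


def parse_dump_name(name):
    """Split a dump file name into pid, capture index, address range and byte size."""
    m = DUMP_RE.search(name)
    if not m:
        raise ValueError(f"not a memory dump name: {name}")
    pid, idx, start, end = int(m[1]), int(m[2]), int(m[3], 16), int(m[4], 16)
    if end <= start:
        raise ValueError(f"inverted range in {name}")
    return {"pid": pid, "index": idx, "start": start, "end": end, "size": end - start}


def human_size(n):
    """Render a byte count the way the report does: whole KB below 1 MiB, else one-decimal MB."""
    if n < 1024 * 1024:
        return f"{n // 1024}KB"
    return f"{n / (1024 * 1024):.1f}MB"


def check_sizes(entries):
    """Return (name, stated, computed) for every entry whose Filesize disagrees with its range."""
    mismatches = []
    for name, stated in entries:
        computed = human_size(parse_dump_name(name)["size"])
        if computed != stated:
            mismatches.append((name, stated, computed))
    return mismatches


def group_ranges(entries):
    """Map (pid, start, end) -> capture indices, so repeated captures of one region stand out."""
    groups = defaultdict(list)
    for name, _ in entries:
        d = parse_dump_name(name)
        groups[(d["pid"], d["start"], d["end"])].append(d["index"])
    return dict(groups)


def region_kind(start):
    """Heuristic only (assumption): on Windows 7 x64, addresses in the 0x000007FExxxxxxxx band
    normally hold system DLL images, while low addresses hold the main image and heaps."""
    return "high (typical of system DLL mappings)" if start >= 0x7FE00000000 else "low (image/heap)"


def sample_hashes(data):
    """Hash a sample's bytes so its identity can be checked against the report before trusting it."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_report(data, expected=REPORT_HASHES):
    """True only if every hash of the given bytes equals the value the report lists."""
    return sample_hashes(data) == expected


if __name__ == "__main__":
    print("size mismatches:", check_sizes(REPORT_DUMPS))
    for (pid, start, end), idxs in group_ranges(REPORT_DUMPS).items():
        print(f"pid {pid} 0x{start:X}-0x{end:X} captures {idxs} {region_kind(start)}")
```

Run it against a different report by replacing REPORT_DUMPS and REPORT_HASHES; `matches_report(open(path, "rb").read())` is the check to run before spending time on a sample that may not be the one the report describes.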