Overview

overview

7

Static

static

3

NEW ORDER FILE.bat

windows7-x64

7

NEW ORDER FILE.bat

windows10-2004-x64

7

NEW ORDER FILE1.exe

windows7-x64

1

NEW ORDER FILE1.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    177s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11-10-2023 07:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEW ORDER FILE1.exe

  • Size

    370KB

  • MD5

    e605ce827ace0aa2cc096965597c0a45

  • SHA1

    0d34649e1c4ca83e9e5ce57648e4b4fd0ae05689

  • SHA256

    625baa4a239a4b0a094ae64b2db0a37ef800ba6cd469728dcf86cb3c0f53f9cc

  • SHA512

    4a3672c5e5dfd8d540a73202cc66e849ab15561215d617e790906bf3abb16538bdf09cab973b54f654abf3cb2ecec1a0c82d1e4d4bb6a5fdf8e9f6cd8a3d280b

  • SSDEEP

    6144:pIkPdJwXW1D6ShqSxDj4tVw80oa/Vzp5Yo2jNvg0HKBzbsBhf5:pAsxDj4X/ux0NUU5

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEW ORDER FILE1.exe
    "C:\Users\Admin\AppData\Local\Temp\NEW ORDER FILE1.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2344

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2344-0-0x0000000000210000-0x0000000000272000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2344-1-0x000007FEF54E0000-0x000007FEF5ECC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2344-2-0x000000001BC80000-0x000000001BD00000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2344-3-0x000007FEF54E0000-0x000007FEF5ECC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2344-4-0x000000001BC80000-0x000000001BD00000-memory.dmp

    Filesize

    512KB

    Download