Overview

overview

3

Static

static

3

b7da8caf86...16.exe

windows7-x64

1

b7da8caf86...16.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    12-10-2023 00:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b7da8caf86e7b7db84d180527362a943c7df4e618b2ccf7475b68574c782e216.exe

  • Size

    15.9MB

  • MD5

    cd37de7980adc08c23e3e6f9fa0756c7

  • SHA1

    df309eeb9fa347df3b2e183f0e9e4c73563c2ebe

  • SHA256

    b7da8caf86e7b7db84d180527362a943c7df4e618b2ccf7475b68574c782e216

  • SHA512

    34960185b64d6951f79c977947c11b6ca7f1c772d0cdd9a6e6235a6f60b3a0e78df1c7da74f2e18544acf60b2a090aa0c535cb78e8f01cf56692857c3f5f29ee

  • SSDEEP

    393216:Ia9wat5PHyghi2XR8ZtRGb5sgK/sVICfeNCiuBSN2U354Ym:D6ePSg4fZmb+gBteYi1X54H

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b7da8caf86e7b7db84d180527362a943c7df4e618b2ccf7475b68574c782e216.exe
    "C:\Users\Admin\AppData\Local\Temp\b7da8caf86e7b7db84d180527362a943c7df4e618b2ccf7475b68574c782e216.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\35f36875710917504ba8cc7577125af8.ini
    Filesize

    1KB

    MD5

    17e6f4601823baead5f7ef5ccebfa369

    SHA1

    4b87f43caa75a357d5feae1e33f16b9b9d605978

    SHA256

    984efaed8675dd5e4b47172f65fb3864681d000058099944ac7ad198b2bd9724

    SHA512

    01d9ada5ed16e81ca6243a25bfa6b1b99a9a6a101b25552a972829307d009e174f6869181bf13f0ad2bb537c83cec48bb9fa073b852dbe85d504cf3586e4b609

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\35f36875710917504ba8cc7577125af8A.ini
    Filesize

    1KB

    MD5

    ed03bb14766efae019dd793b1e6d03e1

    SHA1

    9e9e6520ef0fca947927f3eef5c5d8039ef23c5f

    SHA256

    c145897d21b90d0d55d15b34c26903f8cde2998906d50f91ddaea7c40e5ed457

    SHA512

    6f8a6f556b88b2af84677c80fc871502b1e7faee81706d67fe9d23dc8d28ead9f86058d95285759a438f969ab4520a319676b439164cb7fe5f5cdb7c6e15495e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\b7da8caf86e7b7db84d180527362a943c7df4e618b2ccf7475b68574c782e216.exepack.tmp
    Filesize

    2KB

    MD5

    b39472bab08b68b10900f005cc76526f

    SHA1

    1fbdfe7a1d9a0bb4cdea5c4c929c4e2c7ee405c5

    SHA256

    b3490631ddcb693cdae67f59691d23f3b54a0bd47f3155a12c5aba26bfced88c

    SHA512

    9f48909ec7af8a74c359db702bf20bc6e7f630258ffec46d7237050731fe7a8aa29d12fa200225c2ab533dae4820df893a98836ee6377e4c9b775c53c72a2931

    Download Submit

  • memory/2068-350-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-352-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-2-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-1-0x00000000001D0000-0x00000000001D3000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2068-319-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-320-0x00000000001D0000-0x00000000001D3000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2068-321-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-0-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-351-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-5-0x0000000050000000-0x0000000050109000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2068-353-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-354-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-355-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-356-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-357-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-358-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-359-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-360-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-361-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download

  • memory/2068-362-0x0000000000400000-0x0000000001DF5000-memory.dmp

    Filesize

    26.0MB

    Download