Overview

overview

3

Static

static

3

92fb01656d...52.exe

windows7-x64

1

92fb01656d...52.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13-10-2023 12:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    92fb01656d0676556c36e446919d5a99b2cbf788dd537b0cdac38adcba9c8e52.exe

  • Size

    7.3MB

  • MD5

    8e3452a086300b39d86e3c268c3c971e

  • SHA1

    164f833322739455e53875eefd9f36d4515bd8c7

  • SHA256

    92fb01656d0676556c36e446919d5a99b2cbf788dd537b0cdac38adcba9c8e52

  • SHA512

    b9aefa52793bb4c0ef0c9f6d537ec0d6ada48dec105ee21566e04829c0011e65b232a7c8d80fdd3aa55bbd8286a19fe2d4aaee1d143c601da104547df3612246

  • SSDEEP

    196608:DRYCFTc+fAbwYtgxeYnC0sTuftpt3bNuSiUPzx:DbFIKBaGwTaNuSVx

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\92fb01656d0676556c36e446919d5a99b2cbf788dd537b0cdac38adcba9c8e52.exe
    "C:\Users\Admin\AppData\Local\Temp\92fb01656d0676556c36e446919d5a99b2cbf788dd537b0cdac38adcba9c8e52.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1248
    • C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 /s dm.dll
      2⤵
        PID:2280

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads