Overview

overview

3

Static

static

3

f17108a6c2...01.exe

windows7-x64

1

f17108a6c2...01.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    24/10/2023, 00:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    f17108a6c271f42d9f7b644ea62e50dc8486aca44fa2d64b4c31ba233c9d2e01.exe

  • Size

    14KB

  • MD5

    27f973eacc806d42f70e6def07e89871

  • SHA1

    527dd5051e811337b695f9d738cff85e74be8b69

  • SHA256

    f17108a6c271f42d9f7b644ea62e50dc8486aca44fa2d64b4c31ba233c9d2e01

  • SHA512

    df5b076d6cd17bf11ee2ce9fb1f1acf34a86f308622a7a7ef836fea53035f11b515c328d8585cbcd7297c251827655dbdc45a7be3f2b3fb59e80883f8996b43f

  • SSDEEP

    384:Gliq5OfpWaQLuAwsLe9nETAufFaNh8oQCOSway7XGfB0:04SuAwrETRfIccy7X+0

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f17108a6c271f42d9f7b644ea62e50dc8486aca44fa2d64b4c31ba233c9d2e01.exe
    "C:\Users\Admin\AppData\Local\Temp\f17108a6c271f42d9f7b644ea62e50dc8486aca44fa2d64b4c31ba233c9d2e01.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:1264

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\explorer.txt
          Filesize

          4B

          MD5

          e37f0136aa3ffaf149b351f6a4c948e9

          SHA1

          fd62812fbd9ec4c7f99aa4f6253fead2388eb238

          SHA256

          bb54068aea85faa7e487530083366be9962390af822e4c71ef1aca7033c83e66

          SHA512

          b7730a4e905d04c9371b7e94b52aec652931d7da22838a29d5d38458c1ac0db39ad48c584b107edd69478e37e825d80f45e2b9d159b8ee8abc8b5eebee9e1ac1

          Download Submit

        • memory/1264-3-0x0000000004EB0000-0x0000000004EF0000-memory.dmp

          Filesize

          256KB

          Download

        • memory/1264-2-0x0000000004EB0000-0x0000000004EF0000-memory.dmp

          Filesize

          256KB

          Download

        • memory/1264-1-0x0000000074740000-0x0000000074E2E000-memory.dmp

          Filesize

          6.9MB

          Download

        • memory/1264-0-0x0000000000A00000-0x0000000000A0A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/1264-5-0x0000000074740000-0x0000000074E2E000-memory.dmp

          Filesize

          6.9MB

          Download

        • memory/1264-6-0x0000000004EB0000-0x0000000004EF0000-memory.dmp

          Filesize

          256KB

          Download

        • memory/1264-8-0x0000000004EB0000-0x0000000004EF0000-memory.dmp

          Filesize

          256KB

          Download