Overview

overview

3

Static

static

3

f5c620d5e3...22.exe

windows7-x64

1

f5c620d5e3...22.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-10-2023 07:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f5c620d5e3d2dfaaeb9208d58f12978233334cea42df69766f79c43b71f01522.exe

  • Size

    8.4MB

  • MD5

    918b39a88c3d2680950a4150531f593d

  • SHA1

    2568db13ed56cee70d95582cb26fd64204488c8a

  • SHA256

    f5c620d5e3d2dfaaeb9208d58f12978233334cea42df69766f79c43b71f01522

  • SHA512

    10bcdce47227b6b6dc8bd5fafa23524393f0dfeb7fa6fe22e39aff093db99fc7cd7ada5b64a0003ef3aac7da8131ceed03a15d9434cabf7e3e6937c94f7af9aa

  • SSDEEP

    49152:jcX2xDrf+2Lrb/TYvO90d7HjmAFd4A64nsfJirvtwXSh6aWXW7xkTovzw/V5AsYa:7tAYfDAsYM1EfcQYeqBWkG9yFHsyMrY

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f5c620d5e3d2dfaaeb9208d58f12978233334cea42df69766f79c43b71f01522.exe
    "C:\Users\Admin\AppData\Local\Temp\f5c620d5e3d2dfaaeb9208d58f12978233334cea42df69766f79c43b71f01522.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:4616
    • C:\Windows\system32\cmd.exe
      cmd ver
      2⤵
        PID:4360

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads