Overview

overview

3

Static

static

1

S55 Quickflash.exe

windows7-x64

1

S55 Quickflash.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/10/2023, 19:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    S55 Quickflash.exe

  • Size

    1.1MB

  • MD5

    c058262de37aa46e9422ece8f898fc47

  • SHA1

    f25e3013ac6ec4cd6fbdd34a59d382de260d5235

  • SHA256

    105dab4a1aaf42d6ee6fe1d6d8fec1ccaf3b55ca0087c086cd7b0dd10832a7ef

  • SHA512

    f121c639aba55a610a1b363e26c0c3b23bf9e6bab533ac0193fa486cd439b89158c320a68653cca2d697e3a25aa8eded02ccd2ae3aa2752e1ea74779ff76f029

  • SSDEEP

    24576:wwq9at5WcviAVYJ+MIYoUC1BQWaocT07YkO0y:w/oNrVKozf1arlkO0y

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\S55 Quickflash.exe
    "C:\Users\Admin\AppData\Local\Temp\S55 Quickflash.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4528
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4528 -s 17752
      2⤵
      • Program crash
      PID:1476
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4528 -s 143260
      2⤵
      • Program crash
      PID:3748
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 4528 -ip 4528
    1⤵
      PID:4772
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 4528 -ip 4528
      1⤵
        PID:2124

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4528-0-0x00000000000B0000-0x00000000001D6000-memory.dmp

        Filesize

        1.1MB

        Download

      • memory/4528-1-0x0000000074F40000-0x00000000756F0000-memory.dmp

        Filesize

        7.7MB

        Download

      • memory/4528-2-0x00000000024C0000-0x00000000024C6000-memory.dmp

        Filesize

        24KB

        Download

      • memory/4528-3-0x0000000004C40000-0x0000000004C50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4528-4-0x000000000D820000-0x000000000D982000-memory.dmp

        Filesize

        1.4MB

        Download

      • memory/4528-5-0x000000000DF30000-0x000000000E4D4000-memory.dmp

        Filesize

        5.6MB

        Download

      • memory/4528-6-0x000000000DA60000-0x000000000DAF2000-memory.dmp

        Filesize

        584KB

        Download

      • memory/4528-7-0x0000000004650000-0x0000000004672000-memory.dmp

        Filesize

        136KB

        Download

      • memory/4528-8-0x0000000004640000-0x0000000004646000-memory.dmp

        Filesize

        24KB

        Download

      • memory/4528-9-0x0000000008400000-0x0000000008466000-memory.dmp

        Filesize

        408KB

        Download

      • memory/4528-10-0x00000000090E0000-0x000000000960C000-memory.dmp

        Filesize

        5.2MB

        Download

      • memory/4528-11-0x0000000004EE0000-0x0000000004EEA000-memory.dmp

        Filesize

        40KB

        Download

      • memory/4528-12-0x0000000074F40000-0x00000000756F0000-memory.dmp

        Filesize

        7.7MB

        Download