45c6e6bd446c71ce7e153f66bb59da7797ecdd746e70f228a2574b1255f7ec7f

Analysis

max time kernel
121s
max time network
135s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
31-10-2023 14:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fa590ab465b18bbe2f1b76f3a5e2153198f30a28b7a26b27f5cb56535964eceb.exe
Size

3.9MB
MD5

4dddb00dd1143eaf710129dbd484e0de
SHA1

4a2e78cbf2f3d3a132f94ae80f9031797892f138
SHA256

fa590ab465b18bbe2f1b76f3a5e2153198f30a28b7a26b27f5cb56535964eceb
SHA512

c59ed4d5dc7a4fb333dcbb5662f3d7e7e422a66ef080ff4dfc46486c17830276ddd658734bddf1bc1d502a9a2aa2d9702f8914b113d259af78fa2e8d3ce9c008
SSDEEP

98304:XBzjYz067yqu/mnFQOi33nFbO4KSgPTPgS8NAvKBUuY8cvwu3707iQMMvozFVrwI:K2vhBWM2dK

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2376	fa590ab465b18bbe2f1b76f3a5e2153198f30a28b7a26b27f5cb56535964eceb.exe
2376	fa590ab465b18bbe2f1b76f3a5e2153198f30a28b7a26b27f5cb56535964eceb.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2376	fa590ab465b18bbe2f1b76f3a5e2153198f30a28b7a26b27f5cb56535964eceb.exe

C:\Users\Admin\AppData\Local\Temp\fa590ab465b18bbe2f1b76f3a5e2153198f30a28b7a26b27f5cb56535964eceb.exe
"C:\Users\Admin\AppData\Local\Temp\fa590ab465b18bbe2f1b76f3a5e2153198f30a28b7a26b27f5cb56535964eceb.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2376

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2376-0-0x00000000009C0000-0x0000000000DAC000-memory.dmp

Filesize
3.9MB

Download
memory/2376-1-0x000007FEF62A0000-0x000007FEF6C8C000-memory.dmp

Filesize
9.9MB

Download
memory/2376-2-0x0000000000410000-0x0000000000490000-memory.dmp

Filesize
512KB

Download
memory/2376-3-0x0000000000140000-0x0000000000150000-memory.dmp

Filesize
64KB

Download
memory/2376-4-0x0000000000170000-0x0000000000196000-memory.dmp

Filesize
152KB

Download
memory/2376-5-0x0000000000490000-0x000000000049E000-memory.dmp

Filesize
56KB

Download
memory/2376-6-0x00000000004A0000-0x00000000004B0000-memory.dmp

Filesize
64KB

Download
memory/2376-7-0x00000000004C0000-0x00000000004CA000-memory.dmp

Filesize
40KB

Download
memory/2376-8-0x0000000000970000-0x0000000000982000-memory.dmp

Filesize
72KB

Download
memory/2376-9-0x00000000025A0000-0x000000000261C000-memory.dmp

Filesize
496KB

Download
memory/2376-10-0x000000001AAD0000-0x000000001AB80000-memory.dmp

Filesize
704KB

Download
memory/2376-11-0x00000000024D0000-0x000000000251A000-memory.dmp

Filesize
296KB

Download
memory/2376-12-0x00000000009B0000-0x00000000009B8000-memory.dmp

Filesize
32KB

Download
memory/2376-14-0x0000000000980000-0x000000000098A000-memory.dmp

Filesize
40KB

Download
memory/2376-15-0x0000000000990000-0x000000000099A000-memory.dmp

Filesize
40KB

Download
memory/2376-17-0x0000000002620000-0x0000000002648000-memory.dmp

Filesize
160KB

Download
memory/2376-16-0x00000000023C0000-0x00000000023CC000-memory.dmp

Filesize
48KB

Download
memory/2376-18-0x000000001AF50000-0x000000001AF5C000-memory.dmp

Filesize
48KB

Download
memory/2376-19-0x000000001AF60000-0x000000001AF7A000-memory.dmp

Filesize
104KB

Download
memory/2376-20-0x00000000009A0000-0x00000000009AA000-memory.dmp

Filesize
40KB

Download
memory/2376-21-0x000000001AF80000-0x000000001AFAC000-memory.dmp

Filesize
176KB

Download
memory/2376-22-0x00000000009A0000-0x00000000009AA000-memory.dmp

Filesize
40KB

Download
memory/2376-23-0x000000001B120000-0x000000001B1A2000-memory.dmp

Filesize
520KB

Download
memory/2376-24-0x000000001AFB0000-0x000000001AFEA000-memory.dmp

Filesize
232KB

Download
memory/2376-25-0x000000001B010000-0x000000001B018000-memory.dmp

Filesize
32KB

Download
memory/2376-26-0x0000000000410000-0x0000000000490000-memory.dmp

Filesize
512KB

Download
memory/2376-27-0x0000000000410000-0x0000000000490000-memory.dmp

Filesize
512KB

Download
memory/2376-28-0x000007FEF62A0000-0x000007FEF6C8C000-memory.dmp

Filesize
9.9MB

Download
memory/2376-29-0x00000000023D0000-0x00000000023DA000-memory.dmp

Filesize
40KB

Download
memory/2376-30-0x000000001AFF0000-0x000000001AFFE000-memory.dmp

Filesize
56KB

Download
memory/2376-31-0x000000001B000000-0x000000001B00C000-memory.dmp

Filesize
48KB

Download
memory/2376-32-0x000000001B8A0000-0x000000001B8AE000-memory.dmp

Filesize
56KB

Download
memory/2376-35-0x000000001BAC0000-0x000000001BAC1000-memory.dmp

Filesize
4KB

Download
memory/2376-36-0x0000000000410000-0x0000000000490000-memory.dmp

Filesize
512KB

Download
memory/2376-37-0x0000000000410000-0x0000000000490000-memory.dmp

Filesize
512KB

Download
memory/2376-38-0x00000000009A0000-0x00000000009AA000-memory.dmp

Filesize
40KB

Download
memory/2376-39-0x0000000000410000-0x0000000000490000-memory.dmp

Filesize
512KB

Download
memory/2376-40-0x0000000000410000-0x0000000000490000-memory.dmp

Filesize
512KB

Download
memory/2376-41-0x0000000000410000-0x0000000000490000-memory.dmp

Filesize
512KB

Download
memory/2376-42-0x000000001BE50000-0x000000001BEC6000-memory.dmp

Filesize
472KB

Download
memory/2376-43-0x000000001C5E0000-0x000000001C606000-memory.dmp

Filesize
152KB

Download
memory/2376-44-0x000000001C610000-0x000000001C626000-memory.dmp

Filesize
88KB

Download
memory/2376-45-0x000000001BE40000-0x000000001BE4A000-memory.dmp

Filesize
40KB

Download