Overview

overview

5

Static

static

3

5946a1230d...5a.exe

windows7-x64

5

5946a1230d...5a.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    140s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    04-11-2023 03:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5946a1230d1dcdb5190b7dfb15c6b7640f96f6144a8aaa45a5fe303c47e2515a.exe

  • Size

    4.5MB

  • MD5

    5b9199d8d78e1f243dd06650ea280d2b

  • SHA1

    c9ea60db6995c7601831eb53392f35ddeeeec019

  • SHA256

    5946a1230d1dcdb5190b7dfb15c6b7640f96f6144a8aaa45a5fe303c47e2515a

  • SHA512

    1a3340e7b9cf03ab73fc04eee7b6a5cd6883027b19ec9373fa15f74b2d75065ed71972be4572c2cda61f05174f3d4f121676fdae05ebaf6e2144904c1efa9813

  • SSDEEP

    98304:WHBlU61iNt6x9G7phImiaE9YwciOWdQ/kJFpMExVMU:WHTU6QW9yImi2rWOk3xy

Score
5/10

Malware Config

Signatures

  • AutoIT Executable 6 IoCs

    AutoIT scripts compiled to PE executables.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5946a1230d1dcdb5190b7dfb15c6b7640f96f6144a8aaa45a5fe303c47e2515a.exe
    "C:\Users\Admin\AppData\Local\Temp\5946a1230d1dcdb5190b7dfb15c6b7640f96f6144a8aaa45a5fe303c47e2515a.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    PID:1764

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1764-0-0x0000000000400000-0x0000000001001000-memory.dmp

    Filesize

    12.0MB

    Download

  • memory/1764-4-0x0000000002CF0000-0x0000000002DF0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1764-3-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-7-0x0000000002CF0000-0x0000000002DF0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1764-12-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-13-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-15-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-18-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-20-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-21-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-27-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-26-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-23-0x0000000000400000-0x0000000001001000-memory.dmp

    Filesize

    12.0MB

    Download

  • memory/1764-32-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-33-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-35-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-37-0x0000000002CF0000-0x0000000002DF0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1764-39-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-41-0x0000000002CF0000-0x0000000002DF0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1764-43-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-45-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-47-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-49-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-51-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-53-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-56-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-58-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-61-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-62-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-60-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-64-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-66-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-68-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-70-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-72-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-74-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-76-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-78-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-80-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-82-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-84-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-86-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-88-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-90-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-92-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-94-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-96-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-98-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-100-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-102-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-104-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-106-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-108-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-110-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-112-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-114-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-116-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-118-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-120-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-122-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-124-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-126-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-128-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-130-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-132-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-137-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-138-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-139-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-143-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-145-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-148-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-147-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-149-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-146-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-157-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-169-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-168-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-167-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-166-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-165-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-164-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-158-0x0000000000390000-0x00000000003A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1764-183-0x0000000000400000-0x0000000001001000-memory.dmp

    Filesize

    12.0MB

    Download

  • memory/1764-199-0x0000000000400000-0x0000000001001000-memory.dmp

    Filesize

    12.0MB

    Download

  • memory/1764-200-0x0000000000400000-0x0000000001001000-memory.dmp

    Filesize

    12.0MB

    Download

  • memory/1764-201-0x0000000000400000-0x0000000001001000-memory.dmp

    Filesize

    12.0MB

    Download

  • memory/1764-202-0x0000000000400000-0x0000000001001000-memory.dmp

    Filesize

    12.0MB

    Download