Analysis

  • max time kernel
    141s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231025-en locale:en-us os:windows7-x64 system
  • submitted
    07-11-2023 14:48

General

  • Target

    Serv-U/ServUAdmin.exe

  • Size

    2.5MB

  • MD5

    a1ce91003dab3490819f6c843e47077a

  • SHA1

    a47333bbf7b59ea85a7dff63d0ae0cb5a1e8c21d

  • SHA256

    89bcd46ae90b05d7b95f184b6cacd13e0be815140f92e35e52d3806f5457885c

  • SHA512

    7903007c5e48b98dba4d564b9875cff53bda8d08861b005e194662bcd5d7f8b5a68ad39df4f6d99d81305f539f39234a67568b00adbe920014441cf19651d6f4

  • SSDEEP

    49152:9PwrHFdwu54mXX2MUUKIUFtoaBQriFhV9o1TB5NYUgQAJv8gcZDL:mT5HXXIZHol6Ug4L

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Serv-U\ServUAdmin.exe
    "C:\Users\Admin\AppData\Local\Temp\Serv-U\ServUAdmin.exe"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    PID:2220

Network

MITRE ATT&CK Matrix

Downloads
