Analysis

  • max time kernel
    240s
  • max time network
    305s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231025-en, locale:en-us, os:windows7-x64, system
  • submitted
    08-11-2023 03:15

General

  • Target

    Rootkits/659e0d1b2405cadfa560fe648cbf6866720dd40bb6f4081d3dce2dffe20595d9.exe

  • Size

    9KB

  • MD5

    83720e64aa1388d55324a22536bd39cd

  • SHA1

    8fa3636a7697f953d7daa02a313981b9e3bc98e4

  • SHA256

    659e0d1b2405cadfa560fe648cbf6866720dd40bb6f4081d3dce2dffe20595d9

  • SHA512

    0ab402911cdefceb9a6ade0b968b10c628fed6da17097b8cd943f76527078a597425c8d0845bb86f0318ee1967dd3f43aa951f822b79933da475eb1ace70922d

  • SSDEEP

    192:V06wXINaG3GO/p/gqEQ3UCp3syXOYWmvmKI7H:VnNt/1gG3Hp3ToUjI7

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: LoadsDriver 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Rootkits\659e0d1b2405cadfa560fe648cbf6866720dd40bb6f4081d3dce2dffe20595d9.exe
    "C:\Users\Admin\AppData\Local\Temp\Rootkits\659e0d1b2405cadfa560fe648cbf6866720dd40bb6f4081d3dce2dffe20595d9.exe"
    • Suspicious behavior: LoadsDriver
    • Suspicious use of AdjustPrivilegeToken
    PID:2772
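The two signatures above (a token-privilege adjustment followed by a driver load in PID 2772) are the usual shape of a user-mode loader that enables SeLoadDriverPrivilege on its own token and then brings a kernel driver in. The report does not say which privilege was enabled or which driver was loaded, so the following correlation rule is an added example, not part of the sandbox output: it treats SeLoadDriverPrivilege as the assumed privilege, uses a constructed event stream modelled on Windows Security event 4703 (token right adjusted) and Sysmon event 6 (driver loaded), and the driver path `drv.sys` is invented for illustration.

```python
"""Correlate token-privilege adjustments with subsequent driver loads.

Added example; not from the sandbox report or its vendor. The event lines in
SAMPLE_EVENTS are CONSTRUCTED (a simplified key=value rendering of Security
4703 and Sysmon 6); the privilege name and driver path are assumptions. The
only value taken from the report is PID 2772 (0xad4), rendered in hex as 4703
does for ProcessId.
"""
import re
from datetime import datetime, timedelta

# Constructed sample events, in the order a log collector would emit them.
SAMPLE_EVENTS = [
    "2023-11-08T03:15:00 Security 4703 ProcessId=0x1ac "
    "ProcessName=C:\\Windows\\System32\\svchost.exe "
    "EnabledPrivilegeList=SeImpersonatePrivilege",
    "2023-11-08T03:15:05 Security 4703 ProcessId=0xad4 "
    "ProcessName=C:\\Users\\Admin\\AppData\\Local\\Temp\\Rootkits\\"
    "659e0d1b2405cadfa560fe648cbf6866720dd40bb6f4081d3dce2dffe20595d9.exe "
    "EnabledPrivilegeList=SeLoadDriverPrivilege",
    "2023-11-08T03:15:06 Sysmon 6 "
    "ImageLoaded=C:\\Users\\Admin\\AppData\\Local\\Temp\\drv.sys Signed=false",
    "2023-11-08T03:20:00 Sysmon 6 "
    "ImageLoaded=C:\\Windows\\System32\\drivers\\tcpip.sys Signed=true",
]

WINDOW = timedelta(seconds=60)
SYSTEM_DRIVER_DIR = "c:\\windows\\system32\\drivers\\"


def parse_event(line):
    """Split '<iso-time> <channel> <id> k=v k=v ...' into a dict."""
    ts, channel, eid, rest = line.split(" ", 3)
    fields = dict(re.findall(r"(\w+)=(\S+)", rest))
    return {"time": datetime.fromisoformat(ts), "channel": channel,
            "id": int(eid), **fields}


def correlate(lines, window=WINDOW):
    """Flag driver loads that follow a SeLoadDriverPrivilege grant.

    Sysmon 6 does not record the loading process, so the link is made on
    time proximity: every 4703 that enabled SeLoadDriverPrivilege within
    `window` before the load is reported as a candidate loader. A driver that
    is unsigned or lives outside System32\\drivers raises the severity.
    """
    events = sorted((parse_event(l) for l in lines), key=lambda e: e["time"])
    pending = []    # recent 4703 events that enabled SeLoadDriverPrivilege
    findings = []
    for ev in events:
        if ev["channel"] == "Security" and ev["id"] == 4703:
            privs = ev.get("EnabledPrivilegeList", "").split(",")
            if "SeLoadDriverPrivilege" in privs:
                pending.append(ev)
        elif ev["channel"] == "Sysmon" and ev["id"] == 6:
            # Expire grants that are older than the correlation window.
            pending = [p for p in pending if ev["time"] - p["time"] <= window]
            driver = ev.get("ImageLoaded", "")
            unsigned = ev.get("Signed", "true").lower() != "true"
            outside = not driver.lower().startswith(SYSTEM_DRIVER_DIR)
            for p in pending:
                findings.append({
                    "pid": int(p["ProcessId"], 16),
                    "process": p["ProcessName"],
                    "driver": driver,
                    "unsigned": unsigned,
                    "outside_system_dir": outside,
                    "severity": "high" if (unsigned or outside) else "medium",
                })
    return findings


if __name__ == "__main__":
    for f in correlate(SAMPLE_EVENTS):
        print(f"[{f['severity']}] pid {f['pid']} ({f['process']}) "
              f"-> {f['driver']} unsigned={f['unsigned']} "
              f"outside_system_dir={f['outside_system_dir']}")
```

On the constructed stream only the Temp-directory driver loaded one second after PID 2772 enabled SeLoadDriverPrivilege is reported; the signed tcpip.sys load five minutes later falls outside the window and is ignored. Two caveats for production use: Security event 4703 is documented for Windows 10 / Server 2016 and later, so it is not a source on an image like the Windows 7 one used in this run, and on Windows 7 and earlier the nearest equivalents are 4697 (service installed, kernel-driver service type) and Sysmon 6 alone.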

Network

MITRE ATT&CK Matrix
