Overview

overview

3

Static

static

3

667.exe

windows7-x64

1

667.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    15-11-2023 11:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    667.exe

  • Size

    28KB

  • MD5

    56e4b9c493995baf2ef199ffef3f94bd

  • SHA1

    fbda0a267f6ac748704d3b7c32f7c67ce4266a2a

  • SHA256

    ace2f1d6d215cb6e1233d27a2d2d15199fc2c5ae7bacb187b8b546d3b17c5926

  • SHA512

    48cd1f882f4c3e4835a67ae7aba24efa589cff7985f0a66d84379b5337f2298c29a84380400869d6a841d8cf2f4317e3b80bab524eea730fbfaf9636d638aa9b

  • SSDEEP

    384:guyUxVIJrT6kw1lUp7aZhJUDsldyKEqyPIK8SC3sY75Y+wGIQlWqj8zf7V+y6hTl:guypT6kwrbvJUIlzEqS17mTVogUfTgt

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\667.exe
    "C:\Users\Admin\AppData\Local\Temp\667.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2220-0-0x0000000000DC0000-0x0000000000DCE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2220-1-0x0000000074710000-0x0000000074DFE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2220-2-0x0000000000D40000-0x0000000000D80000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2220-3-0x0000000074710000-0x0000000074DFE000-memory.dmp

    Filesize

    6.9MB

    Download