Analysis
-
max time kernel
1s -
max time network
131s -
platform
windows7_x64 -
resource
win7-20231020-en -
resource tags
-
submitted
17/11/2023, 01:36
General
-
Target
38b66360dd717f4e7294ede42662eae2.exe
-
Size
2.7MB
-
MD5
38b66360dd717f4e7294ede42662eae2
-
SHA1
7e4016ff551bedc8555015653e4e9fd301dc06df
-
SHA256
32360bceabe284df42c45bdf5407d7cdeaa94fe843699ebc8a484ed1cf6351d5
-
SHA512
4188e2cf337fae06bcb56e41e9d4f439fc43d568e03222de46db536c7e2befd6c18ff6270c80ad97e35df15388710e66f3ac573de01cffb4073fcb656888bd1a
-
SSDEEP
49152:Fcu5x+55MK0x9gMPjufPgpH6Z2eZh6Tk/9i3XnqeeKLX0wzA:Fcu5054x9fafPaHk2eZhvsveKAwE
Score
6/10
Malware Config
Signatures
-
Checks whether UAC is enabled 1 TTPs 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of FindShellTrayWindow 2 IoCs
-
Suspicious use of SendNotifyMessage 2 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\38b66360dd717f4e7294ede42662eae2.exe"C:\Users\Admin\AppData\Local\Temp\38b66360dd717f4e7294ede42662eae2.exe"1⤵
- Checks whether UAC is enabled
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
128KB
-
Filesize
128KB