Analysis
- max time kernel: 555s
- max time network: 564s
- platform: windows10-1703_x64
- resource: win10-20231129-en
- resource tags: arch:x64 arch:x86 image:win10-20231129-en locale:en-us os:windows10-1703-x64 system
- submitted: 05-12-2023 14:52
Static task: static1
Behavioral task: behavioral1
- Sample: cgsetup_.exe
- Resource: win10-20231129-en
Behavioral task: behavioral2
- Sample: cgsetup_.exe
- Resource: win10v2004-20231127-en
General
- Target: cgsetup_.exe
- Size: 127KB
- MD5: fd093f3100a56b710c50d41667da7e2b
- SHA1: 5ec9063e4380f642d2a551da76fd4d3f00fd4c96
- SHA256: f6dfae75fd23c0446ec1721994cf2530c66bd76366423176414747b39153bf58
- SHA512: d3daebf6e3669a4b2a944e60d97c86fd31878cea66e252f05ea8d23f92c1f02ef8e6f4dda250b979a9b9df3fa71dc43c4ab98e2cae52e7687861d1e9a3dd09c0
- SSDEEP: 3072:ACNd5JY06+ywjDnJShh8N7JNzFrxO/DLxPO4GV:TNVPtVQ7LtOz
Malware Config
Signatures
- Drops file in Program Files directory (1 IoC)
  description: File created
  ioc: C:\Program Files\2a1964f9-40fd-41d6-aba2-59866d9e4315\de67350f-3974-4ddf-a360-835996e7013f.exe
  Process: cgsetup_.exe
- Suspicious use of AdjustPrivilegeToken (2 IoCs)
  description: Token: SeDebugPrivilege
  pid: 4724
  Process: cgsetup_.exe
  description: Token: SeSecurityPrivilege
  pid: 4724
  Process: cgsetup_.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 2KB
  MD5: 647f843626b023aaaa748f924f95ac25
  SHA1: 652cacf99409e3dcd39b6eb8839c16d22b1800e8
  SHA256: 732dee732e0261afbfba21eca43008a5009cfc9e4c405ece8826a9746564cceb
  SHA512: 61093dcbe07efa5bdffec4933243168bf40b8159bc5a9840552bc3ea8e7c129156276a8548c658e5267bf0b8c4448dcb5c8ab10140c72ed48eb8910c075022fa