2250b5830397143cabfad6feb0d0f3f9a57a3568eaa1a1f5434dd933d46cc403

Analysis

max time kernel
26s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 13:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

22d8697bdd0de33d37bcdcd3c1ee762c.exe
Size

397KB
MD5

22d8697bdd0de33d37bcdcd3c1ee762c
SHA1

55cfebca8b04b2b48d5d713ba7ece7ae6f33735b
SHA256

2250b5830397143cabfad6feb0d0f3f9a57a3568eaa1a1f5434dd933d46cc403
SHA512

e26f2826c98a937d5afd21d20a66e36774271c82de94ee7f02c8dc574724a67f5fe7cd176642099f179f35f331a60402ff86d98e01e16635e5b46c5ca506a9a5
SSDEEP

6144:lb7odqrOZ/5vQoRXxVjmKJDUgrxSz8gI8x2W6b5Mm80KaYIH:lQdqkhvQoRBVbFlxSz8g4smLKiH

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 2 IoCs

pid	Process
5040	22d8697bdd0de33d37bcdcd3c1ee762c.exe
5040	22d8697bdd0de33d37bcdcd3c1ee762c.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	5040	22d8697bdd0de33d37bcdcd3c1ee762c.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
5040	22d8697bdd0de33d37bcdcd3c1ee762c.exe
5040	22d8697bdd0de33d37bcdcd3c1ee762c.exe

C:\Users\Admin\AppData\Local\Temp\22d8697bdd0de33d37bcdcd3c1ee762c.exe
"C:\Users\Admin\AppData\Local\Temp\22d8697bdd0de33d37bcdcd3c1ee762c.exe"
1⤵
- Loads dropped DLL
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:5040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\jki6C95.tmp

Filesize
77KB

MD5
7fd56b67a5fae1f1f8d5fcb8aec9ad81

SHA1
382cf66dd0c2c69a283295b96c824109af14d5aa

SHA256
7065e473ede6f3c176bffef0d0d5baab8c1c73e693bde1ea1c72275c3b61f8d4

SHA512
f9dfbfbb84cc5487f5a2ac50539c8e2e9d578bf5c65dd860425b937d90af42216204c2550eed1dbbc517f62198c8f2b33d510a62c561c03e5c513fb042a7a26a

Download Submit
C:\Users\Admin\AppData\Local\Temp\jki6C95.tmp

Filesize
64KB

MD5
981abd38460f4dcb3bc6b3429731831d

SHA1
8f76642dfe0f313a24415d93a7faf398512cb0b1

SHA256
a3d73be32a9b2c3a1f037acf1db5adf75c6b54a8e4f6be20761e48b9edb8b88f

SHA512
d44558777b272ec957931f073bc7d2faf6b65b852902ac0b2cdb0f0f58427d198abd88af166dd4e26597a94be2f5de94fcb0d86267a01220dafe94fee461948f

Download Submit
memory/5040-10-0x0000000004CA0000-0x0000000004CB0000-memory.dmp

Filesize
64KB

Download
memory/5040-11-0x0000000004CA0000-0x0000000004CB0000-memory.dmp

Filesize
64KB

Download
memory/5040-6-0x0000000004CA0000-0x0000000004CB0000-memory.dmp

Filesize
64KB

Download
memory/5040-7-0x0000000005360000-0x0000000005904000-memory.dmp

Filesize
5.6MB

Download
memory/5040-8-0x0000000004E50000-0x0000000004EE2000-memory.dmp

Filesize
584KB

Download
memory/5040-9-0x0000000004E10000-0x0000000004E1A000-memory.dmp

Filesize
40KB

Download
memory/5040-1-0x0000000074D20000-0x00000000754D0000-memory.dmp

Filesize
7.7MB

Download
memory/5040-5-0x0000000004B50000-0x0000000004B98000-memory.dmp

Filesize
288KB

Download
memory/5040-12-0x00000000080F0000-0x0000000008156000-memory.dmp

Filesize
408KB

Download
memory/5040-21-0x000000000A890000-0x000000000B036000-memory.dmp

Filesize
7.6MB

Download
memory/5040-22-0x0000000074D20000-0x00000000754D0000-memory.dmp

Filesize
7.7MB

Download
memory/5040-23-0x0000000004CA0000-0x0000000004CB0000-memory.dmp

Filesize
64KB

Download
memory/5040-24-0x0000000004CA0000-0x0000000004CB0000-memory.dmp

Filesize
64KB

Download
memory/5040-25-0x0000000004CA0000-0x0000000004CB0000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads