Analysis

  • max time kernel
    148s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    10-02-2024 23:36

General

  • Target

    014d3d7393d8c49596e70d6dd1d9bb91.exe

  • Size

    32KB

  • MD5

    014d3d7393d8c49596e70d6dd1d9bb91

  • SHA1

    2492c32089af7337506e1547a4d5857c59fec6f9

  • SHA256

    f307432d9b11a759e000944743449b0c56499dfb51783e631327fed85a1c5399

  • SHA512

    db8989b425488a4fc01d7690a072b40eccd8937f79aa5d8c1bbf72e088a9f6595bed669d847b4dade6502527408671c1da09cc51664f4d81770e48421e9ed16c

  • SSDEEP

    384:V0bUe5XB4e0XLOfO54GeaWTktTUFQqz98yObbPG:2T9BuyLDqJxbO

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 37 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\014d3d7393d8c49596e70d6dd1d9bb91.exe
    "C:\Users\Admin\AppData\Local\Temp\014d3d7393d8c49596e70d6dd1d9bb91.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2028-0-0x0000000074720000-0x0000000074CCB000-memory.dmp

    Filesize

    5.7MB

  • memory/2028-1-0x0000000074720000-0x0000000074CCB000-memory.dmp

    Filesize

    5.7MB

  • memory/2028-2-0x0000000000AF0000-0x0000000000B30000-memory.dmp

    Filesize

    256KB

  • memory/2028-3-0x0000000074720000-0x0000000074CCB000-memory.dmp

    Filesize

    5.7MB

  • memory/2028-4-0x0000000074720000-0x0000000074CCB000-memory.dmp

    Filesize

    5.7MB

  • memory/2028-5-0x0000000000AF0000-0x0000000000B30000-memory.dmp

    Filesize

    256KB