Analysis
-
max time kernel
149s -
max time network
121s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
20/02/2024, 03:06
General
-
Target
cf47e96401fa225936f79759ae7e7e7a4ca4e01251f3d5b77137588941196bf2.exe
-
Size
12.3MB
-
MD5
a2b4833479c67c15bb03cdc8e7c33b2b
-
SHA1
37f986284d021e0cfa95aaabbe6c1f170983f49e
-
SHA256
cf47e96401fa225936f79759ae7e7e7a4ca4e01251f3d5b77137588941196bf2
-
SHA512
f431ffb43514b90a6bc4d446cf8de3e989178ba18defc562626d159d5adeb474fe09f8c0978a61bb02df2eb3fcdb86d8d4b3356409bbba1e0a8d242d110243d3
-
SSDEEP
49152:6FK021v7V3FEPLQ8Z7El6y4Gh0KooN7gvOg7ttXp22Zp22X222Hp2222ppBUuVkb:6F5avx3FruYrh5ooBL
Score
6/10
Malware Config
Signatures
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
-
Script User-Agent 1 IoCs
Uses user-agent string associated with script host/environment.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\cf47e96401fa225936f79759ae7e7e7a4ca4e01251f3d5b77137588941196bf2.exe"C:\Users\Admin\AppData\Local\Temp\cf47e96401fa225936f79759ae7e7e7a4ca4e01251f3d5b77137588941196bf2.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.0MB
-
Filesize
2.0MB