Analysis
-
max time kernel
150s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
20/02/2024, 03:19
General
-
Target
c7a090f74344d3da4543690d9783f69173c40b1ec7665e4ea20989ba06e103f9.exe
-
Size
12.3MB
-
MD5
ad213615b2111053b385b32eefca9521
-
SHA1
55e6bba11bda28985766359f208cb9bf16c0c41a
-
SHA256
c7a090f74344d3da4543690d9783f69173c40b1ec7665e4ea20989ba06e103f9
-
SHA512
b1bb5c4fd03f71f436c200df0aeb25795a8e917c9125bc1982b7cb72000dd54a6e42d6ce86e83e171d355fb5f5da57763a70b59d8f15a26ab3b4c40140c7eaf4
-
SSDEEP
49152:atVplF5UZz/h5kVXQ6iIBiRvYhPD6CS63Og7ttXp22Zp22X222Hp2222ppBUuVkC:atPb5qvkVX1iIwAhL6CS+av1
Score
6/10
Malware Config
Signatures
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
-
Script User-Agent 1 IoCs
Uses user-agent string associated with script host/environment.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c7a090f74344d3da4543690d9783f69173c40b1ec7665e4ea20989ba06e103f9.exe"C:\Users\Admin\AppData\Local\Temp\c7a090f74344d3da4543690d9783f69173c40b1ec7665e4ea20989ba06e103f9.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.0MB
-
Filesize
2.0MB