Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
  • submitted
    08/03/2024, 22:35

General

  • Target

    ipchanger.exe

  • Size

    111KB

  • MD5

    28360d2fd11ace03630b52f312468159

  • SHA1

    9bf2e1121059ce6af2194ab844d0c70689c916d9

  • SHA256

    bcfd4de1b7b7e4f143b5fb8456732f4c9b1845a774463d8a2a9edc5ec0f5b566

  • SHA512

    3eb964866b69bb6e6939324521667ab00f6cea1558302a8cae41e4f9fca33fab6a7bbf9ab514566b7cae262f93b501de2d6c406b01612769a39b77dbed92fffc

  • SSDEEP

    1536:CvAC9Lhafp2aa9DZlVoH+hW/tfJeHvJTgyaW4Rn3it:CvACHIp2p9Di+AA9g64Rn

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 (1 TTPs, 3 IoCs)
  • Suspicious use of AdjustPrivilegeToken (1 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\ipchanger.exe
    "C:\Users\Admin\AppData\Local\Temp\ipchanger.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:3968

Network

MITRE ATT&CK Enterprise v15
