1f3905c095907261a273a7dd4674c3553ea5a79ec46bd6566bb6e7603377b69e

Resubmissions

09/03/2024, 11:16

240309-nc52magb2x 3

09/03/2024, 11:14

240309-nb12aaga91 3

Analysis

max time kernel
120s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
09/03/2024, 11:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Inzector.exe
Size

17.8MB
MD5

3dcc2336d880068668ed37dd2091a34a
SHA1

7c34158be63e3d6a9ddb3f1a83575dc41c4b09a8
SHA256

1f3905c095907261a273a7dd4674c3553ea5a79ec46bd6566bb6e7603377b69e
SHA512

1e7e1afa5feb9cbfcaf8ef7359170e64728b1d8202e561b0ed8fcb54409a097ef1da8f6bb1b3a411207eb7f93ab182543433e19e9abdf98f772edd48600df040
SSDEEP

393216:rlau+LLPuW7bFT3+ogS+wUj6yTHQV3wuSIgKXbMUQ4tm:st/3FT3eJHQVeKDLt

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2864	Inzector.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	2864	Inzector.exe

C:\Users\Admin\AppData\Local\Temp\Inzector.exe
"C:\Users\Admin\AppData\Local\Temp\Inzector.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2864

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:2580

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2864-1-0x0000000140000000-0x0000000141F16000-memory.dmp

Filesize
31.1MB

Download
memory/2864-3-0x0000000140000000-0x0000000141F16000-memory.dmp

Filesize
31.1MB

Download
memory/2864-4-0x00000000777D0000-0x00000000777D2000-memory.dmp

Filesize
8KB

Download
memory/2864-0-0x00000000777D0000-0x00000000777D2000-memory.dmp

Filesize
8KB

Download
memory/2864-6-0x00000000777D0000-0x00000000777D2000-memory.dmp

Filesize
8KB

Download
memory/2864-8-0x0000000077620000-0x00000000777C9000-memory.dmp

Filesize
1.7MB

Download
memory/2864-7-0x00000000777E0000-0x00000000777E2000-memory.dmp

Filesize
8KB

Download
memory/2864-12-0x00000000777E0000-0x00000000777E2000-memory.dmp

Filesize
8KB

Download
memory/2864-10-0x00000000777E0000-0x00000000777E2000-memory.dmp

Filesize
8KB

Download
memory/2864-13-0x00000000777F0000-0x00000000777F2000-memory.dmp

Filesize
8KB

Download
memory/2864-17-0x00000000777F0000-0x00000000777F2000-memory.dmp

Filesize
8KB

Download
memory/2864-15-0x00000000777F0000-0x00000000777F2000-memory.dmp

Filesize
8KB

Download
memory/2864-22-0x0000000077800000-0x0000000077802000-memory.dmp

Filesize
8KB

Download
memory/2864-20-0x0000000077800000-0x0000000077802000-memory.dmp

Filesize
8KB

Download
memory/2864-18-0x0000000077800000-0x0000000077802000-memory.dmp

Filesize
8KB

Download
memory/2864-27-0x0000000077810000-0x0000000077812000-memory.dmp

Filesize
8KB

Download
memory/2864-25-0x0000000077810000-0x0000000077812000-memory.dmp

Filesize
8KB

Download
memory/2864-23-0x0000000077810000-0x0000000077812000-memory.dmp

Filesize
8KB

Download
memory/2864-30-0x000007FEFD590000-0x000007FEFD592000-memory.dmp

Filesize
8KB

Download
memory/2864-32-0x000007FEFD590000-0x000007FEFD592000-memory.dmp

Filesize
8KB

Download
memory/2864-37-0x000007FEFD5A0000-0x000007FEFD5A2000-memory.dmp

Filesize
8KB

Download
memory/2864-35-0x000007FEFD5A0000-0x000007FEFD5A2000-memory.dmp

Filesize
8KB

Download
memory/2864-41-0x0000000140000000-0x0000000141F16000-memory.dmp

Filesize
31.1MB

Download
memory/2864-42-0x0000000077620000-0x00000000777C9000-memory.dmp

Filesize
1.7MB

Download