c4cdaa6cfc97a3ba8c70fe676cbcf5fa2280a616aad83b51f587d57f1764e7e0

Analysis

max time kernel
118s
max time network
144s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
15-03-2024 20:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SetupFrontEnd.exe
Size

89KB
MD5

86547d7bff541e04d5a31db85efe627c
SHA1

7e61f64a38ccaa9c17e7c2559bc106c042081cba
SHA256

3de2570125fba893091f0a5bc557524fe53cf8d35a0f36a66562a29f6d68be98
SHA512

8bfa86e0fee1b2e56c39ca5d73f48178daa6742d755b0084253f25062f5877aff80aa2e3150897cc6fc7c1ac1cd8705c8d1a7647094b8c650565791cfba9fb5c
SSDEEP

1536:HvQBk8mSlzR8thiQCeEYwx22eMOZ5caNpHn60ajITWEnSBcoooCH/Xjtx1KhQLhu:PQgjtMQ3ww/Xjtx1KmQgWH9JPQLz6cw3

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

SetupFrontEnd.exe

description pid process

Token: SeDebugPrivilege 2176 SetupFrontEnd.exe
Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

SetupFrontEnd.exe

pid process

2176 SetupFrontEnd.exe

description	pid	process
Token: SeDebugPrivilege	2176	SetupFrontEnd.exe

pid	process
2176	SetupFrontEnd.exe

C:\Users\Admin\AppData\Local\Temp\SetupFrontEnd.exe
"C:\Users\Admin\AppData\Local\Temp\SetupFrontEnd.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2176

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2176-0-0x0000000010090000-0x00000000100AA000-memory.dmp

Filesize
104KB

Download
memory/2176-1-0x0000000002640000-0x00000000026B8000-memory.dmp

Filesize
480KB

Download
memory/2176-2-0x0000000002F00000-0x0000000002FF0000-memory.dmp

Filesize
960KB

Download
memory/2176-3-0x000007FEF5720000-0x000007FEF610C000-memory.dmp

Filesize
9.9MB

Download
memory/2176-4-0x00000000031F0000-0x00000000033F2000-memory.dmp

Filesize
2.0MB

Download
memory/2176-5-0x0000000002FF0000-0x0000000003088000-memory.dmp

Filesize
608KB

Download
memory/2176-6-0x0000000003810000-0x0000000003A18000-memory.dmp

Filesize
2.0MB

Download
memory/2176-7-0x0000000003600000-0x00000000036FC000-memory.dmp

Filesize
1008KB

Download
memory/2176-8-0x00000000004C0000-0x00000000004C1000-memory.dmp

Filesize
4KB

Download
memory/2176-9-0x0000000003D00000-0x0000000003E98000-memory.dmp

Filesize
1.6MB

Download
memory/2176-10-0x00000000005F0000-0x0000000000610000-memory.dmp

Filesize
128KB

Download
memory/2176-11-0x0000000003750000-0x00000000037D0000-memory.dmp

Filesize
512KB

Download
memory/2176-12-0x0000000001F00000-0x0000000001F08000-memory.dmp

Filesize
32KB

Download
memory/2176-13-0x0000000003750000-0x00000000037D0000-memory.dmp

Filesize
512KB

Download
memory/2176-30-0x000007FFFFEC0000-0x000007FFFFED0000-memory.dmp

Filesize
64KB

Download
memory/2176-34-0x000007FEF5720000-0x000007FEF610C000-memory.dmp

Filesize
9.9MB

Download
memory/2176-35-0x0000000003750000-0x00000000037D0000-memory.dmp

Filesize
512KB

Download
memory/2176-36-0x0000000003750000-0x00000000037D0000-memory.dmp

Filesize
512KB

Download
memory/2176-37-0x0000000003750000-0x00000000037D0000-memory.dmp

Filesize
512KB

Download
memory/2176-38-0x0000000003750000-0x00000000037D0000-memory.dmp

Filesize
512KB

Download
memory/2176-39-0x0000000003750000-0x00000000037D0000-memory.dmp

Filesize
512KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads