3f1be2fe05d433284b79c35209553c2e26fd590cae24d4f63297b0b059b0c1b2

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
29/04/2024, 09:18

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

iconTips.exe
Size

257KB
MD5

bd2a944d69eeb1b2bb86f825eeb289a4
SHA1

3b04ebd33de312044fff329afc18f68c39ce8606
SHA256

dc948d6b754a7fbc0e7a643939ba152f9ee8691e54661ef06632c79f5c49a4be
SHA512

f1759c3f6efb8a387d30515062036475bfa6b3fefaf0723b1b99dca1ca0a0a859c59e783737479e5572de77ca76fe010d9a7015c09af6b401ca04973e4923226
SSDEEP

6144:MF7yS4Vab+O4mAhFgpbMLifKS0DUUWZHhI7c0qL7DYOTTmF8Ng5hMTZj1nJQm8tS:58OEBCNUU1dk

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1772	iconTips.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21
PID 1772 wrote to memory of 1204	1772	iconTips.exe	21

C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
1⤵
PID:1204
- C:\Users\Admin\AppData\Local\Temp\iconTips.exe
  "C:\Users\Admin\AppData\Local\Temp\iconTips.exe"
  2⤵
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:1772

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1204-1-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-0-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-26-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-25-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-24-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-23-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-22-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-21-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-20-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-19-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-18-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-17-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-16-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-15-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-14-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-13-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-12-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-11-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-10-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-9-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-8-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-7-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-6-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-5-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-4-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-3-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download
memory/1204-2-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads