Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
15-05-2024 07:00
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Swift Copy.exe
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
General
-
Target
Swift Copy.exe
-
Size
49KB
-
MD5
fadef7ce43e9627a752d03a41e71ee41
-
SHA1
f8a9907fdb73ca4b162b20a79d9384ab5277af31
-
SHA256
80762425adc5f24b5c7be359dd4cb7c1c657bb21f0304dcb89eb6bd6d8d8e0da
-
SHA512
764ddce479431043510647f95fb376be3b62bc7e6283173c9d7849130335a8daa2aad2b86e8a7693cd5c92c1b94e809cf1a0ec1ecbb2fb6c196d1764a0a9a081
-
SSDEEP
768:P1YSqVwQ8rD6pSg12mkQu3MyoELiym7/FDFTNxIrgBjv5VQ6:PyeQkDxtcyJm7tk0jv5VJ
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
Swift Copy.exe
description: Token: SeDebugPrivilege
pid: 1912
process: Swift Copy.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/1912-0-0x000000007479E000-0x000000007479F000-memory.dmp
Filesize
4KB
-
memory/1912-1-0x00000000001B0000-0x00000000001C2000-memory.dmp
Filesize
72KB
-
memory/1912-2-0x0000000074790000-0x0000000074E7E000-memory.dmp
Filesize
6.9MB
-
memory/1912-3-0x000000007479E000-0x000000007479F000-memory.dmp
Filesize
4KB
-
memory/1912-4-0x0000000074790000-0x0000000074E7E000-memory.dmp
Filesize
6.9MB