Overview

overview

10

Static

static

3

Swift Copy.exe

windows7-x64

1

Swift Copy.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    17-05-2024 01:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Swift Copy.exe

  • Size

    49KB

  • MD5

    fadef7ce43e9627a752d03a41e71ee41

  • SHA1

    f8a9907fdb73ca4b162b20a79d9384ab5277af31

  • SHA256

    80762425adc5f24b5c7be359dd4cb7c1c657bb21f0304dcb89eb6bd6d8d8e0da

  • SHA512

    764ddce479431043510647f95fb376be3b62bc7e6283173c9d7849130335a8daa2aad2b86e8a7693cd5c92c1b94e809cf1a0ec1ecbb2fb6c196d1764a0a9a081

  • SSDEEP

    768:P1YSqVwQ8rD6pSg12mkQu3MyoELiym7/FDFTNxIrgBjv5VQ6:PyeQkDxtcyJm7tk0jv5VJ

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Swift Copy.exe
    "C:\Users\Admin\AppData\Local\Temp\Swift Copy.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2580

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2580-0-0x0000000073F4E000-0x0000000073F4F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2580-1-0x0000000000B70000-0x0000000000B82000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2580-2-0x0000000073F40000-0x000000007462E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2580-3-0x0000000073F4E000-0x0000000073F4F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2580-4-0x0000000073F40000-0x000000007462E000-memory.dmp

    Filesize

    6.9MB

    Download