Analysis
-
max time kernel
121s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
23-05-2024 01:32
Static task
static1
Behavioral task
behavioral1
Sample
a85e0dcbbc783ef3aa0413045eeb59e6aa03e3c6b67044f3f9f55e13a60b2f56.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a85e0dcbbc783ef3aa0413045eeb59e6aa03e3c6b67044f3f9f55e13a60b2f56.exe
Resource
win10v2004-20240508-en
General
-
Target
a85e0dcbbc783ef3aa0413045eeb59e6aa03e3c6b67044f3f9f55e13a60b2f56.exe
-
Size
415KB
-
MD5
fcdaa0c54d0161f03405cf279b138063
-
SHA1
dc0d38c206de384af2aa61b178aae9b6441a1dd8
-
SHA256
a85e0dcbbc783ef3aa0413045eeb59e6aa03e3c6b67044f3f9f55e13a60b2f56
-
SHA512
fed78bfdd880c60431765e5a00cd7ab14d79ea8b1d26b32dfa7ba47619c587c3bfab342f3cebd2e670fd34697ec15253899e3201fe54f0efcb64b961e561aed5
-
SSDEEP
12288:fgJJD9HstCLJDzxycFgJJD9Hst5LJDzxyr:fA9W0Fzxy6A9WzFzxy
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
a85e0dcbbc783ef3aa0413045eeb59e6aa03e3c6b67044f3f9f55e13a60b2f56.exe
description | pid | process
Token: SeDebugPrivilege | 2240 | a85e0dcbbc783ef3aa0413045eeb59e6aa03e3c6b67044f3f9f55e13a60b2f56.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/2240-0-0x000007FEF5693000-0x000007FEF5694000-memory.dmp
Filesize: 4KB
-
memory/2240-1-0x00000000008C0000-0x000000000092C000-memory.dmp
Filesize: 432KB
-
memory/2240-2-0x000007FEF5690000-0x000007FEF607C000-memory.dmp
Filesize: 9.9MB
-
memory/2240-3-0x000007FEF5690000-0x000007FEF607C000-memory.dmp
Filesize: 9.9MB