Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    03/06/2024, 10:39

General

  • Target

    629bd096ff76fc4b8f3ee397480832409290d4520edd19e97e3f62507de40e96.exe

  • Size

    6.4MB

  • MD5

    a24fc4f0bc661443244f5928ee57d690

  • SHA1

    c637dce1dd82fb8c788383d2fd4e8a8b25922b88

  • SHA256

    629bd096ff76fc4b8f3ee397480832409290d4520edd19e97e3f62507de40e96

  • SHA512

    086192deaa29e44493c445e0d624bc809b1ec05370da3bde263170b752d9bd120d2317e1be6ff7439b75c7b94e4632b3cbb01ce87abc4692d99ed60987809a22

  • SSDEEP

    49152:YmblsDi8QyfAffcHhlXpBi+1VhlXpBi+crVFUOIc6F4wIAeL4PCpE/vsWvrZsI8k:Ll0i8QyfAftAeLWCJ4ubQ

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 49 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\629bd096ff76fc4b8f3ee397480832409290d4520edd19e97e3f62507de40e96.exe
    "C:\Users\Admin\AppData\Local\Temp\629bd096ff76fc4b8f3ee397480832409290d4520edd19e97e3f62507de40e96.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2972-3-0x0000000010000000-0x000000001003C000-memory.dmp

    Filesize

    240KB

  • memory/2972-7-0x0000000002B20000-0x0000000002C21000-memory.dmp

    Filesize

    1.0MB