Analysis

  • max time kernel
    33s
  • max time network
    38s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    13/06/2024, 00:20

General

  • Target

    SMM-WE.exe

  • Size

    35.2MB

  • MD5

    226c2abd77622f6187876b11dbf7c2da

  • SHA1

    e8a59e806b17d9da6c0fc74cc0499ec60a3f5313

  • SHA256

    35b7f7e8a4a3b8053681c762043cdaad2cf6ae41eeac8020f218ecfe9e4b3267

  • SHA512

    ebeceb00e86f275f14cd25457398a9e22410d365b7994ab11fafbc4a8e701c8dd4ff29b1c07bd023d270e1a08bf57c95eb3f81d03b6c374a2fa5c46e94c18931

  • SSDEEP

    393216:qSINQUslNewXSVJiWxt8ISUv9vpOiOk0mf7GOWGwNliH44rRmiSSX1UWIybbuuzp:fJfH/qtb/cEv

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SMM-WE.exe
    "C:\Users\Admin\AppData\Local\Temp\SMM-WE.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1124
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x2c8 0x510
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2868

Network

MITRE ATT&CK Matrix
