Overview

overview

7

Static

static

3

e990cf31fa...ee.exe

windows7-x64

7

e990cf31fa...ee.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    20/11/2024, 05:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e990cf31fa3193032d119c44229b9d2bc31754cf6cc6e5e1b5d9d95220322dee.exe

  • Size

    86KB

  • MD5

    b745c2c373390b8c54e0147d8aa85ce8

  • SHA1

    50c66991be0a5b1d5ff3c489cdaaab0de6f26834

  • SHA256

    e990cf31fa3193032d119c44229b9d2bc31754cf6cc6e5e1b5d9d95220322dee

  • SHA512

    a9c5020bc1b8fb0c9c888f8c2f55d2cc257c9680e054b366ba829293f994dc376a0a49652b422e03e51650df9455c2f4bbb5c28d3d74f5bdf326b1fd231f642d

  • SSDEEP

    1536:OROM9kCiFHcx3a4Cnu8RbVShone4PIj8Csnj:ORWCi+Cn1VShoVPIgRn

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e990cf31fa3193032d119c44229b9d2bc31754cf6cc6e5e1b5d9d95220322dee.exe
    "C:\Users\Admin\AppData\Local\Temp\e990cf31fa3193032d119c44229b9d2bc31754cf6cc6e5e1b5d9d95220322dee.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:2412
  • C:\Windows\SysWOW64\Winkbyq.exe
    C:\Windows\SysWOW64\Winkbyq.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:2612

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\Winkbyq.exe
    Filesize

    90KB

    MD5

    046f2749a5f547c470cba54fd1be1d6c

    SHA1

    c0d23ef594f8b22ffc2496a607cd24e83467f6b3

    SHA256

    728e71d3c07fc281682bc217a91818a034ad607aa26b711646d450555da74e28

    SHA512

    5533329de7b2d71791cda58dde6002b6c02ebca5c879c4cee9fc5e514161fd7c7318b01327a7dd0497f9ceee6272cf66afa4d49286d1cda78508516c5d691467

    Download Submit