Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    01-07-2024 01:20

General

  • Target

    2023gw1509-safety.exe

  • Size

    76KB

  • MD5

    c2a8e533dc6132fd4388fd12bf4850ec

  • SHA1

    f23af0dc75897117b7dc6bcb1aa31d5fccc93647

  • SHA256

    a6ce2c599b64e91fd3e5513fde527c73a565381eaf3d43cd0db4a7cf3ed25778

  • SHA512

    54a7bdcb094f90b77f7870dd93eba13d2790e8154a0307a5cd110a06e9b181c8d015fbd93713f7de647a9339ad75755e866bcbd38af8891283f34820f714a422

  • SSDEEP

    1536:wZzVvFwHus7Mz+Wjpbhe/lt/oQTNZOM0EIwxrDDB:QAHwz+WlwtQQR8+t1

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023gw1509-safety.exe
    "C:\Users\Admin\AppData\Local\Temp\2023gw1509-safety.exe"
      PID:388
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x300 0x304
      • Suspicious use of AdjustPrivilegeToken
      PID:848

Network

MITRE ATT&CK Matrix
