Analysis

  • max time kernel
    65s
  • max time network
    101s
  • platform
    windows10_x64
  • resource
    win10v200430
  • submitted
    30-06-2020 12:46

General

  • Target

    FORTUNA PURCHASE ORDER.exe

  • Size

    495KB

  • MD5

    09471801071f5f40b3848c6e8f2b1161

  • SHA1

    936c8d901eaf87cf7dce45e8f6e18edf9f63c093

  • SHA256

    872e1f8527fad5ec58946edda46b1ea81a65055391df90b2ca5f130eef99b662

  • SHA512

    fffc5c55ebf42386ea189fd3e7cb6a6bf2094d2dd705293715901190421956842e2d2b693d9e59a71ec4dc2ee2205bfcb35714c0e77753541462d2fc0de252d2

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 13 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FORTUNA PURCHASE ORDER.exe
    "C:\Users\Admin\AppData\Local\Temp\FORTUNA PURCHASE ORDER.exe"
    1⤵
      PID:3576
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3576 -s 1208
        2⤵
        • Program crash
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        PID:2536

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/2536-0-0x0000000004260000-0x0000000004261000-memory.dmp
      Filesize

      4KB

    • memory/2536-1-0x0000000004D60000-0x0000000004D61000-memory.dmp
      Filesize

      4KB