Analysis
-
max time kernel
121s -
max time network
119s -
platform
windows10_x64 -
resource
win10 -
submitted
07-07-2020 12:53
General
-
Target
TT SLIP.exe
-
Size
621KB
-
MD5
9be7ccf2784692c34f0a23ee1c6cdf96
-
SHA1
50893829429e45ae306e74499339fb4e71356bf6
-
SHA256
1783a9996138d2b199496d53340e7a68f0f265af553a4caabaaf5fe1ada46e3c
-
SHA512
8be8a31b093a0b5063c861233c92c6b8caac37ccdb7b3198e597cceeb720edd06dd818231d46af0effc987bd0b22048b58abcf2ca95ad3df7708a5d896cc6b7e
Score
3/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 4 IoCs
-
Suspicious behavior: EnumeratesProcesses 15 IoCs
-
Program crash 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\TT SLIP.exe"C:\Users\Admin\AppData\Local\Temp\TT SLIP.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4060 -s 9362⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious behavior: EnumeratesProcesses
- Program crash
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/3836-0-0x0000000004B70000-0x0000000004B71000-memory.dmpFilesize
4KB
-
memory/3836-1-0x0000000004F70000-0x0000000004F71000-memory.dmpFilesize
4KB
-
memory/3836-2-0x00000000056A0000-0x00000000056A1000-memory.dmpFilesize
4KB