Analysis
-
max time kernel
146s -
max time network
137s -
platform
windows10_x64 -
resource
win10v200430 -
submitted
13-07-2020 11:26
Static task
static1
Behavioral task
behavioral1
Sample
Shipping Document PL&BL Draft.exe
Resource
win7
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
Shipping Document PL&BL Draft.exe
Resource
win10v200430
windows10_x64
0 signatures
0 seconds
General
-
Target
Shipping Document PL&BL Draft.exe
-
Size
730KB
-
MD5
bfefe46f1d547f9da51fc00409829a09
-
SHA1
51e84e711f2191d138c14aa4b421aff54cc2042f
-
SHA256
5d6d79cf8e947dbd356240026f305d09c23e61990bf0302d9020d7fa935254ae
-
SHA512
c46de0c92a2734f6f829a519c52350887111e43b2b63deaf2f706c92752361252fa43aba99a092502816d6b8fa967316e7b5ca6397fcae2c4c572a4b933491eb
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
Shipping Document PL&BL Draft.exedescription pid process Token: SeDebugPrivilege 3544 Shipping Document PL&BL Draft.exe -
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes:
Shipping Document PL&BL Draft.exepid process 3544 Shipping Document PL&BL Draft.exe