Overview

overview

8

Static

static

FedEx's AW...df.exe

windows7_x64

8

FedEx's AW...df.exe

windows10_x64

1

Analysis

  • max time kernel
    146s
  • max time network
    147s
  • platform
    windows10_x64
  • resource
    win10v200430
  • submitted
    17-07-2020 20:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FedEx's AWB#530532320464350.pdf.exe

  • Size

    881KB

  • MD5

    566a9a9781b506b65ad41174cfcd6c77

  • SHA1

    a51ad73695c95981edfb03fd5ccdb2eec11ff472

  • SHA256

    a70fef725d796b5adb74d12567424fe976af6539cc49d7c0fb9cfbf5812edb03

  • SHA512

    a5880fe29cd4145c919754fc5ac7f3331cfd9e70be79f2ddd36e7e2ebd43360097d9087898ac0680ee71effd9272b98988d293317a8f57f7903631b9b935c602

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FedEx's AWB#530532320464350.pdf.exe
    "C:\Users\Admin\AppData\Local\Temp\FedEx's AWB#530532320464350.pdf.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious behavior: EnumeratesProcesses
    PID:3848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads