Analysis
Max time kernel: 82s
Max time network: 110s
Platform: windows10_x64
Resource: win10v200722
Submitted: 31-07-2020 09:55
Static task: static1

Behavioral task: behavioral1
Sample: Akbank Hesap Özetiniz.exe
Resource: win7 (windows7_x64)
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: Akbank Hesap Özetiniz.exe
Resource: win10v200722 (windows10_x64)
0 signatures, 0 seconds
General
Target: Akbank Hesap Özetiniz.exe
Size: 774KB
MD5: 6e5b122d49f7779416f98647230dd407
SHA1: 894a4deadb0adac01a70e2611153a6a2a556118a
SHA256: 866de889c68e9b0147480544b7e312decbe5483c1162fe3d205f85aeeb8e75a4
SHA512: 7f3dca82a9181db925f3985fe7588755113e610253022b1478ec9e037f5745a4fa0d6531e4ae8df3cd5a4e6960c6a0b46653b346e6e08ac47abca50fdf317bb0
Score: 3/10
Malware Config
Signatures

Suspicious behavior: EnumeratesProcesses (16 IoCs)
Processes (pid, process):
- 3740  Akbank Hesap Özetiniz.exe  (3 events)
- 1452  WerFault.exe  (13 events)

Program crash (1 IoC)
Processes (pid, pid_target, process, target process):
- 1452  3740  WerFault.exe  Akbank Hesap Özetiniz.exe

Suspicious use of AdjustPrivilegeToken (4 IoCs)
Processes (description, pid, process):
- Token: SeDebugPrivilege    3740  Akbank Hesap Özetiniz.exe
- Token: SeRestorePrivilege  1452  WerFault.exe
- Token: SeBackupPrivilege   1452  WerFault.exe
- Token: SeDebugPrivilege    1452  WerFault.exe
Processes

1. C:\Users\Admin\AppData\Local\Temp\Akbank Hesap Özetiniz.exe
   Command line: "C:\Users\Admin\AppData\Local\Temp\Akbank Hesap Özetiniz.exe"
   - Suspicious behavior: EnumeratesProcesses
   - Suspicious use of AdjustPrivilegeToken

2. C:\Windows\SysWOW64\WerFault.exe
   Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 3740 -s 956
   - Suspicious behavior: EnumeratesProcesses
   - Program crash
   - Suspicious use of AdjustPrivilegeToken