Analysis
-
max time kernel
143s -
max time network
58s -
platform
windows10_x64 -
resource
win10v200722 -
submitted
31-07-2020 10:17
Static task
static1
Behavioral task
behavioral1
Sample
Ziraat Bankasi Swift Mesaji.exe
Resource
win7
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
Ziraat Bankasi Swift Mesaji.exe
Resource
win10v200722
windows10_x64
0 signatures
0 seconds
General
-
Target
Ziraat Bankasi Swift Mesaji.exe
-
Size
1.5MB
-
MD5
ac000598bac3110f6f3ddba519435ad8
-
SHA1
c0959d7452226d7287bbcf6088ad2deb16eb7459
-
SHA256
114ba0c81a5ac12f589504d2693d6cb0a845e119bf305fc9eb7b8e756b385f91
-
SHA512
fb86cefd95e877181303a7c138efa709c02fd0a110d77caa98e41866cf667f9e7fa63b0ec2f1362292a3c9d4826dc06976c6f6ff7ebe4cdfddda0be87d68f713
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
Ziraat Bankasi Swift Mesaji.exe
description: Token: SeDebugPrivilege | pid: 2584 | process: Ziraat Bankasi Swift Mesaji.exe
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes:
Ziraat Bankasi Swift Mesaji.exe
pid: 2584 | process: Ziraat Bankasi Swift Mesaji.exe