Analysis
max time kernel: 9s
max time network: 147s
platform: windows10_x64
resource: win10
submitted: 09-10-2020 08:03
Static task: static1
Behavioral task: behavioral1
Sample: xK7CzZLP.exe
Resource: win7v200722, windows7_x64
0 signatures, 0 seconds
Behavioral task: behavioral2
Sample: xK7CzZLP.exe
Resource: win10, windows10_x64
0 signatures, 0 seconds
General
Target: xK7CzZLP.exe
Size: 16KB
MD5: 3079e5385faae7e550f0c7389a8588dc
SHA1: 74809bc4296e3fae7a7d323407c9731b0180f354
SHA256: 433db34463ffa758a4fbe117127fddab7db0adbfb72ce7a280ea05fd79a6eec8
SHA512: 7ee76b7375cdcb564c8fa65f9ae2a1bd02fdb2fec53eed0c4f87d7a7f7a3b1e0cd6f93f7c6223c131ea1b988f395c0c8d037b412d0bfacc18f7bbcfeff5c1d97
Score: 1/10
Malware Config
Signatures
Checks processor information in registry (2 TTPs, 2 IoCs)
Processor information is often read in order to detect sandboxing environments.
Processes: xK7CzZLP.exe
description | ioc | process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\SYSTEM\CENTRALPROCESSOR\0 | xK7CzZLP.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | xK7CzZLP.exe

Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes: xK7CzZLP.exe
description | pid | process
Token: SeDebugPrivilege | 3828 | xK7CzZLP.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
memory/3828-0-0x00007FFA44590000-0x00007FFA44F30000-memory.dmp
Filesize: 9.6MB