Analysis

  • max time kernel
    4s
  • max time network
    9s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    09-11-2020 19:38

General

  • Target

    30% Down payment order no. 7887009221 #inr24 ,pdf.exe

  • Size

    680KB

  • MD5

    b94dd0d4147bcaf3018a44156f85ec22

  • SHA1

    91df3d3b91c4d85d1b325d7d0ba8a972e1070a9b

  • SHA256

    7420ad79e1a0649a9732ef3db80460bfd50c2c95237e7c5e12815eed68de236f

  • SHA512

    c80c7b46b142a29f8c1e24c11bfec391d8bb4597a25c9385fad734fa573ebab3d6733cdc3e7ef9de79c024b56a0a9c4f7c53c13d48b7a0ea39fef5e381257cc4

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\30% Down payment order no. 7887009221 #inr24 ,pdf.exe
    "C:\Users\Admin\AppData\Local\Temp\30% Down payment order no. 7887009221 #inr24 ,pdf.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1912

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1912-0-0x0000000074320000-0x0000000074A0E000-memory.dmp
    Filesize

    6.9MB

  • memory/1912-1-0x0000000000820000-0x0000000000821000-memory.dmp
    Filesize

    4KB

  • memory/1912-3-0x0000000002120000-0x000000000217E000-memory.dmp
    Filesize

    376KB

  • memory/1912-4-0x0000000001E70000-0x0000000001E81000-memory.dmp
    Filesize

    68KB