Analysis

  • max time kernel
    6s
  • max time network
    10s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    09-11-2020 20:56

General

  • Target

    SecuriteInfo.com.Trojan.KillProc2.10930.10330.15464.exe

  • Size

    21KB

  • MD5

    5db10902ecc492c772926f47c14a6b44

  • SHA1

    df2e0550fa3123e4718e7f36a00f825be7f4f2ee

  • SHA256

    89f08e47a8ba6e70c1e313ffd49959a5966f07b2ae77f1afead296ff3146c89c

  • SHA512

    b8a157def3a5305c6c1a5d3ea265d715969a857aaf19d6eeb0b9d1ab4d73305cb87062d6ff00f8b9457eb28009aac54b30760415a919188cec7de149c7ac6ca4

Score
1/10

Malware Config

Signatures

  • Modifies system certificate store (2 TTPs, 2 IoCs)
  • Suspicious use of AdjustPrivilegeToken (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.KillProc2.10930.10330.15464.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.KillProc2.10930.10330.15464.exe"
    • Modifies system certificate store
    • Suspicious use of AdjustPrivilegeToken
    PID:292

Network

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Install Root Certificate (T1130): 1
  • Modify Registry (T1112): 1

Downloads

  • memory/292-0-0x00000000748D0000-0x0000000074FBE000-memory.dmp
    Filesize

    6.9MB

  • memory/292-1-0x0000000000E80000-0x0000000000E81000-memory.dmp
    Filesize

    4KB