Downloads.rar

General
Target: api.exe
Filesize: 139MB
Completed: 19-11-2020 10:40
Score: 1/10
Malware Config
Signatures 3

  • Suspicious behavior: AddClipboardFormatListener
    api.exe

    Reported IOCs

    pid   process
    644   api.exe
  • Suspicious use of AdjustPrivilegeToken
    AUDIODG.EXE

    Reported IOCs

    description                          pid    process
    Token: 33                            2820   AUDIODG.EXE
    Token: SeIncBasePriorityPrivilege    2820   AUDIODG.EXE
  • Suspicious use of SetWindowsHookEx
    api.exe

    Reported IOCs

    pid   process
    644   api.exe
Processes 2
  • C:\Users\Admin\AppData\Local\Temp\api.exe
    "C:\Users\Admin\AppData\Local\Temp\api.exe"
    Suspicious behavior: AddClipboardFormatListener
    Suspicious use of SetWindowsHookEx
    PID:644
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x3fc
    Suspicious use of AdjustPrivilegeToken
    PID:2820
Network
MITRE ATT&CK Matrix
  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation