Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    21-11-2020 10:26

General

  • Target

    020bc13012ce4db6e204cb1ed174851e.exe

  • Size

    604KB

  • MD5

    020bc13012ce4db6e204cb1ed174851e

  • SHA1

    46f8ff39e0d5f476b0c2e3a1c8feefdfec32a0b2

  • SHA256

    265e971392e878a245def23cc9544060fcafbdc0c61c66cf128688f3d64e2179

  • SHA512

    891367401d14b9e41fc0379fc0bdc04526e023e01f6e91c731d14c790b8b6483a11761c34b2d5a673b73acd45761d11916e6a4a6d692c9e4955ad86f7b00b079

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\020bc13012ce4db6e204cb1ed174851e.exe
    "C:\Users\Admin\AppData\Local\Temp\020bc13012ce4db6e204cb1ed174851e.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:240

Network

MITRE ATT&CK Matrix

Downloads

  • memory/240-0-0x0000000074120000-0x000000007480E000-memory.dmp
    Filesize

    6.9MB

  • memory/240-1-0x00000000009F0000-0x00000000009F1000-memory.dmp
    Filesize

    4KB

  • memory/240-3-0x0000000004880000-0x00000000048BE000-memory.dmp
    Filesize

    248KB