Overview

overview

3

Static

static

Mailflow C...ow.exe

windows7_x64

3

Mailflow C...ow.exe

windows10_x64

3

Analysis

  • max time kernel
    55s
  • max time network
    136s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    21-11-2020 12:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Mailflow Cracked/Mailflow.exe

  • Size

    4.3MB

  • MD5

    b515751ff6cbbd648d2b8a30ecca56e1

  • SHA1

    5e967e855bb5c42ff8b10be7ef57e5431dc3fcf5

  • SHA256

    e6ffafa751911d0a8d49844aaca114388aef42b0980b566636ea06bc2be8e07a

  • SHA512

    19c9e754faf934e3c04ad6c97ceae030f82f41d193234ddea4c2ac347e12a4cd286ce4dfeb401de3886742b39dfc1c2c26b3f05ba6130a445829b82103263c25

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 14 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Mailflow Cracked\Mailflow.exe
    "C:\Users\Admin\AppData\Local\Temp\Mailflow Cracked\Mailflow.exe"
    1⤵
      PID:508
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 508 -s 1964
        2⤵
        • Program crash
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        PID:2616

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/508-0-0x0000000073520000-0x0000000073C0E000-memory.dmp
      Filesize

      6.9MB

      Download
    • memory/508-1-0x0000000000800000-0x0000000000801000-memory.dmp
      Filesize

      4KB

      Download
    • memory/508-3-0x0000000005990000-0x0000000005991000-memory.dmp
      Filesize

      4KB

      Download
    • memory/508-4-0x0000000005530000-0x0000000005531000-memory.dmp
      Filesize

      4KB

      Download
    • memory/508-5-0x00000000058B0000-0x00000000058B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/508-6-0x0000000008170000-0x0000000008171000-memory.dmp
      Filesize

      4KB

      Download
    • memory/508-7-0x000000000C230000-0x000000000C231000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2616-12-0x0000000004120000-0x0000000004121000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2616-15-0x0000000004960000-0x0000000004961000-memory.dmp
      Filesize

      4KB

      Download