Analysis Overview
SHA256
edbb56fe63e565c456de8153a6c6782dc6697b6dac509eeb19a99e462d9e717d
Threat Level: No (potentially) malicious behavior was detected
The file r10959_order.exe was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2020-12-21 02:15
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2020-12-21 02:15
Reported
2020-12-21 02:17
Platform
win7v20201028
Max time kernel
151s
Max time network
8s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\r10959_order.exe
"C:\Users\Admin\AppData\Local\Temp\r10959_order.exe"
Network
Files
memory/1068-2-0x000000000313B000-0x000000000313C000-memory.dmp
memory/1068-3-0x0000000004AE0000-0x0000000004AF1000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2020-12-21 02:15
Reported
2020-12-21 02:17
Platform
win10v20201028
Max time kernel
72s
Max time network
105s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\r10959_order.exe
"C:\Users\Admin\AppData\Local\Temp\r10959_order.exe"
C:\Windows\SysWOW64\msiexec.exe
msiexec.exe
Network
Files
memory/828-2-0x0000000003139000-0x000000000313A000-memory.dmp
memory/828-3-0x0000000004C70000-0x0000000004C71000-memory.dmp
memory/220-4-0x0000000002680000-0x00000000026A8000-memory.dmp
memory/220-5-0x0000000000000000-mapping.dmp