Overview

overview

1

Static

static

## HOW TO ...##.exe

windows7_x64

1

## HOW TO ...##.exe

windows10_x64

1

Analysis

  • max time kernel
    8s
  • max time network
    107s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    23-12-2020 14:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ## HOW TO DECRYPT ##.exe

  • Size

    78KB

  • MD5

    55cb627f9925b52bd5ae0bc5e5188bcf

  • SHA1

    858c350062bde8644d89113697a1b9b38ec91714

  • SHA256

    2608e3aee2ca61701eb8b5281b9c9f25f84f40faf3210b2cdaa188d798345a3c

  • SHA512

    93d4d1528f7c13374e4e91aa6dcb9c0e2c1149b00ff15f43c0353bee568bd8287085e7ca7b5eadeaa015b4b2052c2462bec1598e595a98af847b2772e14549c3

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\## HOW TO DECRYPT ##.exe
    "C:\Users\Admin\AppData\Local\Temp\## HOW TO DECRYPT ##.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/848-2-0x00000000748D0000-0x0000000074FBE000-memory.dmp
    Filesize

    6.9MB

    Download
  • memory/848-3-0x0000000000BD0000-0x0000000000BD1000-memory.dmp
    Filesize

    4KB

    Download