Resubmissions
17-01-2021 18:37
210117-48aq437xb6 617-01-2021 17:45
210117-4744q9x4dx 1017-01-2021 17:15
210117-srj9q38nvj 1013-01-2021 06:09
210113-qmgklkv3dn 10Analysis
-
max time kernel
7s -
max time network
13s -
platform
windows7_x64 -
resource
win7v20201028 -
submitted
17-01-2021 17:15
General
-
Target
3dcd284892131ed336b5801c7993d3ed.exe
-
Size
1.8MB
-
MD5
3dcd284892131ed336b5801c7993d3ed
-
SHA1
b1055faf8ac2c14ce5c45f1954c45f7ab6a986eb
-
SHA256
9c748a69c48b79e6422b3bea1766e415de5532cb7ba2b9673d5a51163e6c1df2
-
SHA512
9fb9ee8903ded8051ca40b1d6f780c7b475255987ee592e35ccebc7119fdef6202f2f80b47e00eedb1434649c299eea1f1f3580d1a65f9c19d54e6626f9e4b76
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\3dcd284892131ed336b5801c7993d3ed.exe"C:\Users\Admin\AppData\Local\Temp\3dcd284892131ed336b5801c7993d3ed.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1684-2-0x0000000001FE0000-0x0000000001FF1000-memory.dmpFilesize
68KB
-
memory/1684-3-0x00000000756A1000-0x00000000756A3000-memory.dmpFilesize
8KB
-
memory/1684-5-0x0000000002531000-0x0000000002532000-memory.dmpFilesize
4KB
-
memory/1684-4-0x0000000002530000-0x0000000002531000-memory.dmpFilesize
4KB
-
memory/1684-7-0x0000000002537000-0x0000000002539000-memory.dmpFilesize
8KB
-
memory/1684-6-0x0000000002532000-0x0000000002534000-memory.dmpFilesize
8KB
-
memory/1684-8-0x0000000002500000-0x0000000002501000-memory.dmpFilesize
4KB