Resubmissions

19-01-2021 19:24

210119-s26yznnqsn 10

19-11-2020 13:14

201119-s41ec6lt86 10

Analysis

  • max time kernel
    113s
  • max time network
    8s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    19-01-2021 19:24

General

  • Target

    3DMark 11 Advanced Edition.exe

  • Size

    11MB

  • MD5

    236d7524027dbce337c671906c9fe10b

  • SHA1

    7d345aa201b50273176ae0ec7324739d882da32e

  • SHA256

    400b64f8c61623ead9f579b99735b1b0d9febe7c829e8bdafc9b3a3269bbe21c

  • SHA512

    e5c2f87923b3331719261101b2f606298fb66442e56a49708199d8472c1ac4a72130612d3a9c344310f36fcb3cf39e4637f7dd8fb3841c61b01b95bb3794610a

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam ⋅ 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3DMark 11 Advanced Edition.exe
    "C:\Users\Admin\AppData\Local\Temp\3DMark 11 Advanced Edition.exe"
    Suspicious behavior: GetForegroundWindowSpam
    PID:1924

Network

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Discovery

            Execution

              Exfiltration

                Impact

                  Initial Access

                    Lateral Movement

                      Persistence

                        Privilege Escalation

                          Replay Monitor

                          00:00 00:00

                          Downloads

                          • memory/1924-2-0x0000000075DE1000-0x0000000075DE3000-memory.dmp
                          • memory/1924-3-0x00000000007A0000-0x00000000007A1000-memory.dmp