Analysis
-
max time kernel
140s -
max time network
149s -
platform
windows10_x64 -
resource
win10v20201028 -
submitted
01-03-2021 22:36
General
-
Target
f6437b319a96807ff41f30905b8babf7c3064ea76e87b6172046dd085d0e1dcd.exe
-
Size
256KB
-
MD5
a3d83bf350ffc3c5acbe366ed8bd538e
-
SHA1
d6dd003956617ee7e5c84f06941cd534383a379c
-
SHA256
f6437b319a96807ff41f30905b8babf7c3064ea76e87b6172046dd085d0e1dcd
-
SHA512
6cf14503878f212d01b8257d1b58a2dd095375d14557a04023c5cd73d931f8b132cf4ca3a289f7444096e38b9e6a4a3bc4b37eb405a4a5d398d84412a0e37aef
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f6437b319a96807ff41f30905b8babf7c3064ea76e87b6172046dd085d0e1dcd.exe"C:\Users\Admin\AppData\Local\Temp\f6437b319a96807ff41f30905b8babf7c3064ea76e87b6172046dd085d0e1dcd.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/412-2-0x0000000073920000-0x000000007400E000-memory.dmpFilesize
6.9MB
-
memory/412-3-0x0000000000430000-0x0000000000431000-memory.dmpFilesize
4KB
-
memory/412-5-0x0000000004C40000-0x0000000004C41000-memory.dmpFilesize
4KB
-
memory/412-6-0x00000000026F0000-0x00000000026F1000-memory.dmpFilesize
4KB
-
memory/412-7-0x0000000004D40000-0x0000000004D41000-memory.dmpFilesize
4KB
-
memory/412-8-0x0000000005360000-0x0000000005361000-memory.dmpFilesize
4KB
-
memory/412-9-0x0000000004D80000-0x0000000004D81000-memory.dmpFilesize
4KB
-
memory/412-10-0x0000000004DE0000-0x0000000004DE1000-memory.dmpFilesize
4KB
-
memory/412-11-0x0000000004E20000-0x0000000004E21000-memory.dmpFilesize
4KB
-
memory/412-12-0x0000000005080000-0x0000000005081000-memory.dmpFilesize
4KB