Overview

overview

8

Static

static

8

-.exe

windows7_x64

8

-.exe

windows10_x64

8

Nf.e_pt.exe

windows7_x64

1

Nf.e_pt.exe

windows10_x64

1

Analysis

  • max time kernel
    151s
  • max time network
    12s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    03-03-2021 11:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Nf.e_pt.exe

  • Size

    422KB

  • MD5

    01d61a3376eca9bb3ff9b18c36eac0dc

  • SHA1

    2d96fe726cfac17aa48312ba6f50782b354c2d55

  • SHA256

    c6478564314b23b2262c6e258cc6792fd7907f9253267571659e778dbd4491cc

  • SHA512

    52a9f5168cfabc89e4546e185607002b294d334e1b4bc06f37fee47970213c98d45f2131155eb2883aa3611b1658760f46bbd72fa95cd044dce0e61233a94646

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Nf.e_pt.exe
    "C:\Users\Admin\AppData\Local\Temp\Nf.e_pt.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1616

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1616-2-0x0000000074640000-0x0000000074D2E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/1616-3-0x0000000001280000-0x0000000001281000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1616-5-0x0000000001120000-0x0000000001121000-memory.dmp

    Filesize

    4KB

    Download