Analysis
max time kernel: 146s
max time network: 148s
platform: windows10_x64
resource: win10v20201028
submitted: 08-04-2021 06:41
Static task: static1

Behavioral task: behavioral1
Sample: E4B1AD053F5D7E857BB97CE7AA9621F7.exe
Resource: win7v20201028 (windows7_x64)
0 signatures, 0 seconds

Behavioral task: behavioral2
Sample: E4B1AD053F5D7E857BB97CE7AA9621F7.exe
Resource: win10v20201028 (windows10_x64)
0 signatures, 0 seconds
General
Target: E4B1AD053F5D7E857BB97CE7AA9621F7.exe
Size: 1.2MB
MD5: e4b1ad053f5d7e857bb97ce7aa9621f7
SHA1: f6dcf2a3750876e11425bfb10898a1bbaf975e2e
SHA256: 6ba6ef7ab8dc9df565a48e90a2c25b1da40a84a55a9257576bd125a4fb56e708
SHA512: bad79be7e8e833e5141acc0a55a5638cc1b4b003883c4af7b1b212729a62674c5fdde58b2a85c6ced2161cda9442ed28b2552c89287603c73debf31857a51baa
Score: 5/10
Malware Config
Signatures
Suspicious use of NtSetInformationThreadHideFromDebugger (5 IoCs)
Processes: E4B1AD053F5D7E857BB97CE7AA9621F7.exe
pid   process
1144  E4B1AD053F5D7E857BB97CE7AA9621F7.exe
1144  E4B1AD053F5D7E857BB97CE7AA9621F7.exe
1144  E4B1AD053F5D7E857BB97CE7AA9621F7.exe
1144  E4B1AD053F5D7E857BB97CE7AA9621F7.exe
1144  E4B1AD053F5D7E857BB97CE7AA9621F7.exe

Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes: E4B1AD053F5D7E857BB97CE7AA9621F7.exe
description                 pid   process
Token: SeShutdownPrivilege  1144  E4B1AD053F5D7E857BB97CE7AA9621F7.exe

Suspicious use of SetWindowsHookEx (2 IoCs)
Processes: E4B1AD053F5D7E857BB97CE7AA9621F7.exe
pid   process
1144  E4B1AD053F5D7E857BB97CE7AA9621F7.exe
1144  E4B1AD053F5D7E857BB97CE7AA9621F7.exe
Downloads
memory/1144-2-0x00000000008D0000-0x00000000008D1000-memory.dmp
Filesize: 4KB