Overview

overview

10

Static

static

ﱞﱞﱞï...ﱞﱞ

windows10_x64

1

ﱞﱞﱞï...ฺฺ

windows10_x64

10

Analysis

  • max time kernel
    40s
  • max time network
    16s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    19-04-2021 05:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Sirus.exe

  • Size

    1.6MB

  • MD5

    bc56db19b52ed6319e02a3aff17e8ccb

  • SHA1

    ef9cd9d631d5d8f384b22debdf520d6f9b06e1ff

  • SHA256

    a0edc967ba879922c1ed23b608445e025aa7ef48291146c4a963a6d5546c8f6c

  • SHA512

    dc05f4351a00e55db70154d0650a8fdddd63aa5cd8741645ad5b3397bbdc67f10cef521d9a8a2f7a2c64dd80a048a7e0a484982e1bfcdc7c360ba771cbe03017

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 15 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Sirus.exe
    "C:\Users\Admin\AppData\Local\Temp\Sirus.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2840
    • C:\Users\Admin\AppData\Local\Temp\Sirus.exe
      "{path}"
      2⤵
        PID:3860
      • C:\Users\Admin\AppData\Local\Temp\Sirus.exe
        "{path}"
        2⤵
          PID:1560
        • C:\Users\Admin\AppData\Local\Temp\Sirus.exe
          "{path}"
          2⤵
            PID:2124
          • C:\Users\Admin\AppData\Local\Temp\Sirus.exe
            "{path}"
            2⤵
              PID:3000
            • C:\Users\Admin\AppData\Local\Temp\Sirus.exe
              "{path}"
              2⤵
                PID:996

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/2840-114-0x0000000000A30000-0x0000000000A31000-memory.dmp
              Filesize

              4KB

              Download
            • memory/2840-116-0x0000000005B90000-0x0000000005B91000-memory.dmp
              Filesize

              4KB

              Download
            • memory/2840-118-0x0000000005320000-0x0000000005321000-memory.dmp
              Filesize

              4KB

              Download
            • memory/2840-117-0x0000000005680000-0x0000000005681000-memory.dmp
              Filesize

              4KB

              Download
            • memory/2840-119-0x00000000054E0000-0x00000000054E1000-memory.dmp
              Filesize

              4KB

              Download
            • memory/2840-120-0x0000000005460000-0x0000000005461000-memory.dmp
              Filesize

              4KB

              Download
            • memory/2840-121-0x0000000008B30000-0x0000000008B35000-memory.dmp
              Filesize

              20KB

              Download
            • memory/2840-122-0x0000000008BF0000-0x0000000008BF1000-memory.dmp
              Filesize

              4KB

              Download
            • memory/2840-123-0x000000000A180000-0x000000000A26A000-memory.dmp
              Filesize

              936KB

              Download
            • memory/2840-124-0x0000000009E80000-0x0000000009F40000-memory.dmp
              Filesize

              768KB

              Download