Overview

overview

10

Static

static

97db5d6bf2...6b.exe

windows7_x64

10

97db5d6bf2...6b.exe

windows10_x64

1

Analysis

  • max time kernel
    150s
  • max time network
    114s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    04-05-2021 19:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    97db5d6bf244ec42d214ecda6116b47f3f832cdeb7e2420cb61b38bd38f6e56b.exe

  • Size

    304KB

  • MD5

    6529ae6f83ba1f1885f1b7b79c27f3c5

  • SHA1

    60c9a10e8ad5f95341df373cb662f71f6e4541d8

  • SHA256

    97db5d6bf244ec42d214ecda6116b47f3f832cdeb7e2420cb61b38bd38f6e56b

  • SHA512

    0773c732d1ed10b2e847e0220f1b30a73bb80d8f5ef9cef9bc15752e5cb54964737a22c1682cc8be05a7c8a7bee6a842ec694cd0d8feed1e560b7b10bc9e8cb6

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\97db5d6bf244ec42d214ecda6116b47f3f832cdeb7e2420cb61b38bd38f6e56b.exe
    "C:\Users\Admin\AppData\Local\Temp\97db5d6bf244ec42d214ecda6116b47f3f832cdeb7e2420cb61b38bd38f6e56b.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3952

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3952-114-0x0000000000080000-0x0000000000081000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3952-116-0x0000000004A40000-0x0000000004A41000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3952-117-0x0000000005090000-0x0000000005091000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3952-118-0x0000000004D20000-0x0000000004D23000-memory.dmp
    Filesize

    12KB

    Download
  • memory/3952-178-0x0000000004B90000-0x000000000508E000-memory.dmp
    Filesize

    5.0MB

    Download