Analysis

  • max time kernel
    114s
  • max time network
    40s
  • platform
    windows7_x64
  • resource
    win7v20210408
  • submitted
    23-07-2021 10:08

General

  • Target

    Statement SKBMT 01578.exe

  • Size

    1MB

  • MD5

    b2cd4e8f0a79d8953255bef56fb15bb1

  • SHA1

    38f857bbc3bb63418fad5474b5b315ec8688144e

  • SHA256

    857dd518ef3c65847d22cec214d81cc0e2ca2259915a7308c0b2ff2c58023082

  • SHA512

    771a158731332e72c848a10ad87b928317cdc83026813e6651ffa173875182059580f1092d953f417974be18252ee7de19016ee9a65f6fbf16392ad0515ee010

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Statement SKBMT 01578.exe
    "C:\Users\Admin\AppData\Local\Temp\Statement SKBMT 01578.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1812

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1812-60-0x0000000000C00000-0x0000000000C01000-memory.dmp
    Filesize

    4KB

  • memory/1812-62-0x0000000000A70000-0x0000000000A71000-memory.dmp
    Filesize

    4KB

  • memory/1812-63-0x0000000000980000-0x00000000009AD000-memory.dmp
    Filesize

    180KB