Analysis
-
max time kernel
19s -
max time network
113s -
platform
windows10_x64 -
resource
win10v20210408 -
submitted
24-07-2021 14:01
General
-
Target
126F9F212F9F6EBB9558E5A23F5A9AAD.exe
-
Size
531KB
-
MD5
126f9f212f9f6ebb9558e5a23f5a9aad
-
SHA1
7e7ec218f4b9aef17cb65166b1af8f3945c4b1e1
-
SHA256
0eaeac1a39068d23fb3a986002b67044a3cc6f1fa88f9fbd3e77884c67510030
-
SHA512
3fcc040a75541e8847cb4d8b5e5a5c31b128c1ff8246717d8ee146aef7eded96c519df26d60dba127e81b0cdd29a9ef10ceaa3b442a6b5d28c6c80dc62fd9377
Score
8/10
Malware Config
Signatures
-
Downloads MZ/PE file
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\126F9F212F9F6EBB9558E5A23F5A9AAD.exe"C:\Users\Admin\AppData\Local\Temp\126F9F212F9F6EBB9558E5A23F5A9AAD.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\126F9F212F9F6EBB9558E5A23F5A9AAD.exe"C:\Users\Admin\AppData\Local\Temp\126F9F212F9F6EBB9558E5A23F5A9AAD.exe"2⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/992-114-0x0000000000090000-0x0000000000091000-memory.dmpFilesize
4KB
-
memory/992-116-0x0000000004F40000-0x0000000004F41000-memory.dmpFilesize
4KB
-
memory/992-117-0x0000000004A40000-0x0000000004F3E000-memory.dmpFilesize
5.0MB
-
memory/992-118-0x0000000000BC0000-0x0000000000BC8000-memory.dmpFilesize
32KB
-
memory/992-119-0x0000000005A20000-0x0000000005A21000-memory.dmpFilesize
4KB