Overview

overview

10

Static

static

VD178-TVCK...ON.exe

windows7_x64

1

VD178-TVCK...ON.exe

windows10_x64

10

Analysis

  • max time kernel
    139s
  • max time network
    11s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    24-07-2021 21:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe

  • Size

    1.2MB

  • MD5

    c56af6abad96b98796f4164aa907c49c

  • SHA1

    c39ba60ebd274dd3f2feb0fc59f37692ca38d9b4

  • SHA256

    6f58cdc58d928aacafb9d968e74b81aa1c3a3565ae39b494d48ba7b054873a07

  • SHA512

    e0b674b5e92cfbdf776ab336302b8c18434f8e3a4b63b3288fc35b7435ae90ab56fbd3a459c9e94888ac8a8d699942c0c2195984ada8e5b2b74f07a0016e9edf

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe
    "C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:336
    • C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe
      "C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe"
      2⤵
        PID:1672
      • C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe
        "C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe"
        2⤵
          PID:1016
        • C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe
          "C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe"
          2⤵
            PID:376
          • C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe
            "C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe"
            2⤵
              PID:1452
            • C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe
              "C:\Users\Admin\AppData\Local\Temp\VD178-TVCKM-E-001 - REQUEST FOR QUOTATION.exe"
              2⤵
                PID:556

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/336-60-0x00000000002B0000-0x00000000002B1000-memory.dmp
              Filesize

              4KB

              Download
            • memory/336-62-0x0000000004D80000-0x0000000004D81000-memory.dmp
              Filesize

              4KB

              Download
            • memory/336-63-0x0000000000550000-0x000000000057D000-memory.dmp
              Filesize

              180KB

              Download
            • memory/336-64-0x0000000009310000-0x0000000009377000-memory.dmp
              Filesize

              412KB

              Download
            • memory/336-65-0x0000000001F50000-0x0000000001F72000-memory.dmp
              Filesize

              136KB

              Download