Analysis

  • max time kernel
    154s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7v20210408
  • submitted
    07-09-2021 06:11

General

  • Target

    4e3cb358f643577cbd3b9354466b2640dfaf08150105d532bf7a0e938510da4d.exe

  • Size

    43KB

  • MD5

    119fa29ca64f8a3be7b042bc75080c70

  • SHA1

    f9e527da23c90f285441946fad023e072c5bfb44

  • SHA256

    4e3cb358f643577cbd3b9354466b2640dfaf08150105d532bf7a0e938510da4d

  • SHA512

    05b0cd698923a7cf7b5f7089b1b720a53f1f6c34a4d57642e7fe2c1cb7cb835ac0a8eda06b2c129145e8b2a4eccc5f97f610a85919e6ebae576b1e47d1b01c94

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 33 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4e3cb358f643577cbd3b9354466b2640dfaf08150105d532bf7a0e938510da4d.exe
    "C:\Users\Admin\AppData\Local\Temp\4e3cb358f643577cbd3b9354466b2640dfaf08150105d532bf7a0e938510da4d.exe"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    PID:1020

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1020-60-0x0000000075451000-0x0000000075453000-memory.dmp
    Filesize

    8KB

  • memory/1020-61-0x0000000002180000-0x0000000002181000-memory.dmp
    Filesize

    4KB