Analysis
max time kernel: 152s
max time network: 151s
platform: windows10_x64
resource: win10v20210408
submitted: 03-10-2021 18:11
Behavioral task: behavioral1
Sample: 3629444779e7e4fb9a023cda4f1473c6.exe
Resource: win7v20210408 (windows7_x64)
0 signatures, 0 seconds
-
Behavioral task: behavioral2
Sample: 3629444779e7e4fb9a023cda4f1473c6.exe
Resource: win10v20210408 (windows10_x64)
0 signatures, 0 seconds
General
Target: 3629444779e7e4fb9a023cda4f1473c6.exe
Size: 32KB
MD5: 3629444779e7e4fb9a023cda4f1473c6
SHA1: 6dbc84ad7cd111eb34ef3c30186f5afc86304749
SHA256: 647b62057e0fce41fd1b3d7f4c99a834da671e36f4c72eb03bec9e7a34b24b35
SHA512: f74cc0f1e19be519b1c25039531eac401582d2afae520d4cd4e4dfb930e55f9dab1be812869acec2e830e03a586905d428f1ae550cb3a787e253d49568147c11
Score: 10/10
Malware Config
Signatures
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
Suspicious use of AdjustPrivilegeToken 35 IoCs
Processes:
3629444779e7e4fb9a023cda4f1473c6.exe
description                        pid   process
Token: SeDebugPrivilege            4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: 33                          4796  3629444779e7e4fb9a023cda4f1473c6.exe
Token: SeIncBasePriorityPrivilege  4796  3629444779e7e4fb9a023cda4f1473c6.exe
Downloads
memory/4796-114-0x0000000001540000-0x0000000001541000-memory.dmp (Filesize: 4KB)