Analysis

  • max time kernel
    117s
  • max time network
    152s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    05-10-2021 12:35

General

  • Target

    daed41395ba663bef2c52e3d1723ac46253a9008b582bb8d9da9cb0044991720.exe

  • Size

    67KB

  • MD5

    e6b0276bc3f541d8ff1ebb1b59c8bd29

  • SHA1

    295de44a0adbef57c51458978ccd71437aff0bf1

  • SHA256

    daed41395ba663bef2c52e3d1723ac46253a9008b582bb8d9da9cb0044991720

  • SHA512

    cdc851b9a7dc396384cbd69353f4e594cb3ac80679abfaa9ebf7bf849bca1b2e2c233c9634239e4aaa4e7f02a2af096733bef1b760ae0e6d660918217cecdcee

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 14 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\daed41395ba663bef2c52e3d1723ac46253a9008b582bb8d9da9cb0044991720.exe
    "C:\Users\Admin\AppData\Local\Temp\daed41395ba663bef2c52e3d1723ac46253a9008b582bb8d9da9cb0044991720.exe"
    1⤵
      PID:1720
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1720 -s 268
        2⤵
        • Program crash
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        PID:2388

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads