Analysis
-
max time kernel
140s -
max time network
57s -
platform
windows7_x64 -
resource
win7v20210408 -
submitted
13-10-2021 20:49
Static task
static1
Behavioral task
behavioral1
Sample
4078aa71d541412492dca732e7a4724b.exe
Resource
win7v20210408
0 signatures
0 seconds
General
-
Target
4078aa71d541412492dca732e7a4724b.exe
-
Size
57KB
-
MD5
4078aa71d541412492dca732e7a4724b
-
SHA1
c19adcb3808e32b2244eac8dbd5d3b614b09d378
-
SHA256
582c2dda5f1db3872450ce34212515fce0f2201b2d5961d08cdb80556db7c50e
-
SHA512
ad4891db2d00efb0341c3793e429fe4b69feb0d4db95f87a3f3793ce0e907a95e3cccf592652eaa299a2a000ae2da34c79850175fcc77a92d912454c23483e7b
Score
8/10
Malware Config
Signatures
-
Downloads MZ/PE file
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
4078aa71d541412492dca732e7a4724b.exe
description
Token: SeDebugPrivilege
pid
752
process
4078aa71d541412492dca732e7a4724b.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
-
memory/752-0-0x00000000013D0000-0x00000000013D1000-memory.dmp
Filesize
4KB
-
memory/752-2-0x0000000075451000-0x0000000075453000-memory.dmp
Filesize
8KB
-
memory/752-3-0x00000000003C0000-0x00000000003C1000-memory.dmp
Filesize
4KB
-
memory/752-64-0x00000000003C5000-0x00000000003D6000-memory.dmp
Filesize
68KB