Overview

overview

1

Static

static

Payment009...df.exe

windows7_x64

1

Payment009...df.exe

windows10_x64

1

Analysis

  • max time kernel
    122s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-en-20210920
  • submitted
    14-10-2021 04:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payment009731743,pdf.exe

  • Size

    20KB

  • MD5

    d90491faba27f71408734d133361275a

  • SHA1

    f3dff055b392fea77059954d7cf8f7b9a42ed655

  • SHA256

    c9d69ccbb72117cece98e6dd1327ad6bdc94a7a99826fec9542d38e49257fd85

  • SHA512

    3f7067d9820c65face5d22fb643f5da8b9e4166e8253f4cd92a3370590ae3bb1a8bb6e0cc3be6912f8176077849f8b1db88b4a74b58eaed7146b81755cff4a6e

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Payment009731743,pdf.exe
    "C:\Users\Admin\AppData\Local\Temp\Payment009731743,pdf.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1368

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1368-54-0x0000000000D00000-0x0000000000D01000-memory.dmp
    Filesize

    4KB

    Download
  • memory/1368-56-0x00000000768C1000-0x00000000768C3000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1368-57-0x0000000004700000-0x0000000004701000-memory.dmp
    Filesize

    4KB

    Download