Analysis
-
max time kernel
121s -
max time network
118s -
platform
windows7_x64 -
resource
win7-en-20210920 -
submitted
14-10-2021 08:52
General
-
Target
SecuriteInfo.com.Trojan.InjectNET.14.3934.31899.exe
-
Size
1.9MB
-
MD5
13003cbfb6d2adfeea85952f8172c4f7
-
SHA1
e5ef2dd654b50ed7be455cbe7aaabaa7acaedc80
-
SHA256
9c8590c7165b453dd0792be3cf51e200961a1ed9cf1154768ee86f7018db8fd9
-
SHA512
ccb7e4dfb0454711cb50a619497072082bae3111ac8ba76b22d1f95af9721762b3b493596191f879bdca3d5872315009bb8f021ac131d9a1067e1dff91696824
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.InjectNET.14.3934.31899.exe"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.InjectNET.14.3934.31899.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\conhost.exe"C:\Windows\System32\conhost.exe" "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.InjectNET.14.3934.31899.exe"2⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1088-54-0x0000000000170000-0x0000000000359000-memory.dmpFilesize
1.9MB
-
memory/1088-55-0x000000001B1D0000-0x000000001B3B5000-memory.dmpFilesize
1.9MB
-
memory/1088-58-0x000000001A8C4000-0x000000001A8C6000-memory.dmpFilesize
8KB
-
memory/1088-57-0x000000001A8C2000-0x000000001A8C4000-memory.dmpFilesize
8KB
-
memory/1088-59-0x000000001A8C6000-0x000000001A8C7000-memory.dmpFilesize
4KB
-
memory/1088-60-0x000000001A8C7000-0x000000001A8C8000-memory.dmpFilesize
4KB