Analysis
-
max time kernel
110s
-
max time network
149s
-
platform
windows10_x64
-
resource
win10-en-20210920
-
submitted
25-10-2021 11:43
Static task
static1
Behavioral task
behavioral1
Sample
money/manager.exe
Resource
win7-en-20211014
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
money/manager.exe
Resource
win10-en-20210920
windows10_x64
0 signatures
0 seconds
Behavioral task
behavioral3
Sample
manager.exe
Resource
win7-en-20211014
windows7_x64
0 signatures
0 seconds
General
-
Target
money/manager.exe
-
Size
202KB
-
MD5
1479371ef0752f027661fc1b7748b318
-
SHA1
3bf6809d0987cd82ec328b7bbdbcc5618743cf38
-
SHA256
183923330057af95cedb73d0aa2e7f844dba89df8866995f483be4c5780298b3
-
SHA512
cb10d09a5fc39acf2b799534900d0af2196df00123c6bbc485646960da69a0012d9423c60ae2d04687351fee52fc132c48bc62cc109f88588f766f9d977ce6f2
Malware Config
Signatures
-
Processes:
manager.exe
description: Key value queried
ioc: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
process: manager.exe
-
Suspicious behavior: EnumeratesProcesses 6 IoCs
Processes:
manager.exe
pid process
744 manager.exe
744 manager.exe
744 manager.exe
744 manager.exe
744 manager.exe
744 manager.exe
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
manager.exe
pid process
744 manager.exe
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
manager.exe
description: Token: SeDebugPrivilege
pid: 744
process: manager.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
-
memory/744-115-0x0000000002DE0000-0x0000000002DE1000-memory.dmp
Filesize
4KB