Analysis
-
max time kernel
150s -
max time network
153s -
platform
windows10_x64 -
resource
win10-en-20211104 -
submitted
05-11-2021 19:57
General
-
Target
6023b151847ac5cbeb2b311623a8f126.exe
-
Size
43KB
-
MD5
6023b151847ac5cbeb2b311623a8f126
-
SHA1
8aeb83d4d7173266cc7eed4a0ff6694698c6743e
-
SHA256
4c26643cb0e783e8dc9cab1629d35e8523bd49e637f48847916efd517347111b
-
SHA512
a8795d2ae623f72c99d6bfbf0379ded30582d36fcf671d8d33cd78c6c7307cd582d7b4ba771e0670aaae983042b7fbb41f3ed123e57adceb9c86ed2f9e1fe065
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 35 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\6023b151847ac5cbeb2b311623a8f126.exe"C:\Users\Admin\AppData\Local\Temp\6023b151847ac5cbeb2b311623a8f126.exe"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2620-118-0x0000000000B00000-0x0000000000B01000-memory.dmpFilesize
4KB
-
memory/2620-120-0x0000000005390000-0x0000000005391000-memory.dmpFilesize
4KB
-
memory/2620-121-0x0000000005BB0000-0x0000000005BB1000-memory.dmpFilesize
4KB
-
memory/2620-122-0x0000000005750000-0x0000000005751000-memory.dmpFilesize
4KB
-
memory/2620-123-0x00000000055A0000-0x00000000055A1000-memory.dmpFilesize
4KB
-
memory/2620-124-0x0000000005370000-0x0000000005371000-memory.dmpFilesize
4KB
-
memory/2620-125-0x0000000005920000-0x0000000005921000-memory.dmpFilesize
4KB
-
memory/2620-126-0x00000000068A0000-0x00000000068A1000-memory.dmpFilesize
4KB