Analysis
-
max time kernel
151s -
max time network
148s -
platform
windows10_x64 -
resource
win10-en-20211104 -
submitted
14-11-2021 14:42
General
-
Target
d4140f5a775e00e0c378b273cafd99dc.exe
-
Size
43KB
-
MD5
d4140f5a775e00e0c378b273cafd99dc
-
SHA1
d2d01b17152b0b67db3e85f373a8da1ad15ecf5d
-
SHA256
90a325ecd04db2a368f38ffa53e4970f1df87674124b84a7d3bb82630483b499
-
SHA512
78c425c3c2d6586ed2b75b035c4edc832382da0acaa729f830e7fd8773abeb7de8eefbd62d307064a1beb5629902981382fc47460bfe64078b0f343de7240de3
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 35 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\d4140f5a775e00e0c378b273cafd99dc.exe"C:\Users\Admin\AppData\Local\Temp\d4140f5a775e00e0c378b273cafd99dc.exe"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2020-118-0x0000000000FA0000-0x0000000000FA1000-memory.dmpFilesize
4KB
-
memory/2020-120-0x0000000005830000-0x0000000005831000-memory.dmpFilesize
4KB
-
memory/2020-121-0x0000000006050000-0x0000000006051000-memory.dmpFilesize
4KB
-
memory/2020-122-0x00000000032C0000-0x00000000032C1000-memory.dmpFilesize
4KB
-
memory/2020-123-0x0000000005BF0000-0x0000000005BF1000-memory.dmpFilesize
4KB
-
memory/2020-124-0x0000000005BA0000-0x0000000005BA1000-memory.dmpFilesize
4KB
-
memory/2020-125-0x0000000005DC0000-0x0000000005DC1000-memory.dmpFilesize
4KB
-
memory/2020-126-0x0000000006C40000-0x0000000006C41000-memory.dmpFilesize
4KB