Analysis

  • max time kernel
    131s
  • max time network
    131s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    01-12-2021 08:20

General

  • Target

    304b4864421a6e2f8738293d33a22386.exe

  • Size

    654KB

  • MD5

    304b4864421a6e2f8738293d33a22386

  • SHA1

    8544125f97197ff0cc552dade97c894d258c89d0

  • SHA256

    d9c6cc74736a6ffeb3dd869fc8db8c845d0300b6f3302c688a3b78a79f16cd13

  • SHA512

    a6f914c62a81f4689992ad04da4a9e07ed541f211224552bacdaf06a533bb2a4a30201d7ab85eee951d6d1ef0237fadaee9183dde5975b67fe35da33544fd8e3

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\304b4864421a6e2f8738293d33a22386.exe
    "C:\Users\Admin\AppData\Local\Temp\304b4864421a6e2f8738293d33a22386.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:2704

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2704-115-0x0000000000F80000-0x0000000000F81000-memory.dmp
    Filesize

    4KB

  • memory/2704-117-0x0000000005DA0000-0x0000000005DA1000-memory.dmp
    Filesize

    4KB

  • memory/2704-118-0x00000000058A0000-0x00000000058A1000-memory.dmp
    Filesize

    4KB

  • memory/2704-119-0x0000000005940000-0x0000000005941000-memory.dmp
    Filesize

    4KB

  • memory/2704-120-0x00000000058A0000-0x0000000005D9E000-memory.dmp
    Filesize

    5.0MB