Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    16-12-2021 17:47

General

  • Target

    tmp/f5bf8807-2af3-457c-b37e-6f4875499969_onedrivenwt2.exe

  • Size

    20KB

  • MD5

    09983f8a77b8aec0f5fb58adccf88a38

  • SHA1

    86cbc88adeb1479259b80d8d24b005eba9b55b48

  • SHA256

    76b5f9aa537f6d48961c685ff3e10c6b754218198ed2700cf256fcc64f1adf9c

  • SHA512

    153dbbb568e1da23c8f35d6cbcf7d4747ac2fa7420832c4e98ff5ec4fb3dd20fc883ef4cd3cf9da79a3d0f8b6853a701b8f1b9ede92250dcef06477e9d7c8f78

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 35 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tmp\f5bf8807-2af3-457c-b37e-6f4875499969_onedrivenwt2.exe
    "C:\Users\Admin\AppData\Local\Temp\tmp\f5bf8807-2af3-457c-b37e-6f4875499969_onedrivenwt2.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:1728

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1728-55-0x0000000075B11000-0x0000000075B13000-memory.dmp

    Filesize

    8KB

  • memory/1728-56-0x0000000001FF0000-0x0000000001FF1000-memory.dmp

    Filesize

    4KB