Analysis

  • max time kernel
    121s
  • max time network
    154s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    14-01-2022 09:14

General

  • Target

    b4c2b203ec5ada40ca14fbee20de0b67.exe

  • Size

    221KB

  • MD5

    b4c2b203ec5ada40ca14fbee20de0b67

  • SHA1

    65563cc1c1d781991e378ec9e5d3578b0810d42d

  • SHA256

    2b697dedde68e57f4ce0031983226e1db30f0e41e52e5307f1bb1eddc87ae7e7

  • SHA512

    a905bbb8c6f33cdafefe5537b8705d29e69e4c3b559b396bf9a176478d3de453deaad5249fb7980ae113ff4d2c793be0f10f3d0c59056d0c5be55fce12573a03

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b4c2b203ec5ada40ca14fbee20de0b67.exe
    "C:\Users\Admin\AppData\Local\Temp\b4c2b203ec5ada40ca14fbee20de0b67.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:2780

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2780-115-0x00000000005D0000-0x000000000060E000-memory.dmp

    Filesize

    248KB

  • memory/2780-116-0x00000000005D0000-0x000000000060E000-memory.dmp

    Filesize

    248KB

  • memory/2780-117-0x0000000005410000-0x000000000590E000-memory.dmp

    Filesize

    5.0MB

  • memory/2780-118-0x0000000004F10000-0x0000000004FA2000-memory.dmp

    Filesize

    584KB

  • memory/2780-119-0x0000000004F10000-0x000000000540E000-memory.dmp

    Filesize

    5.0MB

  • memory/2780-120-0x0000000004E20000-0x0000000004E2A000-memory.dmp

    Filesize

    40KB

  • memory/2780-121-0x0000000004F10000-0x000000000540E000-memory.dmp

    Filesize

    5.0MB

  • memory/2780-122-0x0000000008370000-0x000000000839C000-memory.dmp

    Filesize

    176KB