Analysis

  • max time kernel
    135s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    21-01-2022 22:49

General

  • Target

    feda78f1dff8bd9d850a154a627bcfb4041dc36c325be0db436ca85fe565f767.exe

  • Size

    1.9MB

  • MD5

    f4273faff8df3c84c858be7f8aa8442e

  • SHA1

    2b29180ee72426d8840ad26cc258c7d629e43275

  • SHA256

    feda78f1dff8bd9d850a154a627bcfb4041dc36c325be0db436ca85fe565f767

  • SHA512

    acbc6a0b5a2b9d94e7d72e8f8509b73114f186b22ab40a10c87988390cebdb3c23845dde22ae4d767020a8e8799e68d8b51ec9af0e2119a73a834f452de3aa5e

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\feda78f1dff8bd9d850a154a627bcfb4041dc36c325be0db436ca85fe565f767.exe
    "C:\Users\Admin\AppData\Local\Temp\feda78f1dff8bd9d850a154a627bcfb4041dc36c325be0db436ca85fe565f767.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:744

Network

MITRE ATT&CK Matrix

Downloads

  • memory/744-53-0x0000000001270000-0x000000000145C000-memory.dmp

    Filesize

    1.9MB

  • memory/744-54-0x0000000076041000-0x0000000076043000-memory.dmp

    Filesize

    8KB

  • memory/744-55-0x0000000004F40000-0x0000000004F41000-memory.dmp

    Filesize

    4KB