Analysis

  • max time kernel
    162s
  • max time network
    172s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    21/01/2022, 22:49

General

  • Target

    feda78f1dff8bd9d850a154a627bcfb4041dc36c325be0db436ca85fe565f767.exe

  • Size

    1.9MB

  • MD5

    f4273faff8df3c84c858be7f8aa8442e

  • SHA1

    2b29180ee72426d8840ad26cc258c7d629e43275

  • SHA256

    feda78f1dff8bd9d850a154a627bcfb4041dc36c325be0db436ca85fe565f767

  • SHA512

    acbc6a0b5a2b9d94e7d72e8f8509b73114f186b22ab40a10c87988390cebdb3c23845dde22ae4d767020a8e8799e68d8b51ec9af0e2119a73a834f452de3aa5e

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\feda78f1dff8bd9d850a154a627bcfb4041dc36c325be0db436ca85fe565f767.exe
    "C:\Users\Admin\AppData\Local\Temp\feda78f1dff8bd9d850a154a627bcfb4041dc36c325be0db436ca85fe565f767.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2324

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2324-115-0x0000000000BA0000-0x0000000000D8C000-memory.dmp

    Filesize

    1.9MB

  • memory/2324-116-0x0000000005C20000-0x000000000611E000-memory.dmp

    Filesize

    5.0MB

  • memory/2324-117-0x0000000005720000-0x00000000057B2000-memory.dmp

    Filesize

    584KB

  • memory/2324-118-0x0000000005720000-0x0000000005C1E000-memory.dmp

    Filesize

    5.0MB

  • memory/2324-119-0x00000000056F0000-0x00000000056FA000-memory.dmp

    Filesize

    40KB