Analysis

  • max time kernel
    158s
  • max time network
    175s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    28-01-2022 21:41

General

  • Target

    70640074D3FDAE9D73D37DB169C4E2FB.exe

  • Size

    38KB

  • MD5

    70640074d3fdae9d73d37db169c4e2fb

  • SHA1

    4a05baf2027180366471de77bfe26b9e53917f7e

  • SHA256

    67741e596f4d59713a232bfb45d6cb0b2592f67b867773f72c2bb0fa2f749685

  • SHA512

    a50db1617e4d09a8e610fdffda759a6c6c4d71ea6c671bef68ddc302af855b18235eabbd75590af39986c031b895d66bc591b7369edd83252b51015a986d4939

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\70640074D3FDAE9D73D37DB169C4E2FB.exe
    "C:\Users\Admin\AppData\Local\Temp\70640074D3FDAE9D73D37DB169C4E2FB.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:1772

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1772-118-0x0000000000350000-0x0000000000360000-memory.dmp
    Filesize

    64KB

  • memory/1772-119-0x0000000000A10000-0x0000000000A12000-memory.dmp
    Filesize

    8KB