Analysis

  • max time kernel
    170s
  • max time network
    171s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    29/01/2022, 14:35

General

  • Target

    bd1746091ff430fbb749fc11ae3374b45375303840379f98b2576ad5bfc94104.exe

  • Size

    96KB

  • MD5

    e7ad33bb7c7af173c7a0b1f66ab4c7ae

  • SHA1

    ea342e170658732483329218a6bd76d127ba39bb

  • SHA256

    bd1746091ff430fbb749fc11ae3374b45375303840379f98b2576ad5bfc94104

  • SHA512

    580bd733735de5a3964b034274621fd9998d03ced2a6bb2590d75dcb1e025b4f54bbf76e282b5db4ed8303814c7c60ca06a31211940753202ee09fcebb255df0

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bd1746091ff430fbb749fc11ae3374b45375303840379f98b2576ad5bfc94104.exe
    "C:\Users\Admin\AppData\Local\Temp\bd1746091ff430fbb749fc11ae3374b45375303840379f98b2576ad5bfc94104.exe"
    • Adds Run key to start application
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2772

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/2772-118-0x0000000003200000-0x0000000003201000-memory.dmp

    Filesize

    4KB