Overview

overview

3

Static

static

ConsoleApp7.exe

windows7_x64

3

ConsoleApp7.exe

windows10-2004_x64

1

Resubmissions

03-02-2022 13:26

220203-qpq5cahggm 3

01-02-2022 11:13

220201-nbqkjsdear 10

01-02-2022 11:12

220201-na5m3sdeak 10

31-12-2021 08:31

211231-keqg6sggb4 10

Analysis

  • max time kernel
    137s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    03-02-2022 13:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ConsoleApp7.exe

  • Size

    53KB

  • MD5

    b2993b2a7a1edba14742564de7e85cb2

  • SHA1

    cf7f1085978128cc082aec921d34d6d25e4ab19b

  • SHA256

    800b4455105a08833332092017909f9dd47bd4ebfb1cbddbe0b95658d03b8d64

  • SHA512

    a64951f5026a2f3bb01652bae0267b1d4b88b017a64208bb2e556a755a44e86eab0df33d43e759defe4caefc30693099b74fa1ebac90ff323ac2e555f51d892a

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ConsoleApp7.exe
    "C:\Users\Admin\AppData\Local\Temp\ConsoleApp7.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2016
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2016 -s 1072
      2⤵
      • Program crash
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      PID:1224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1224-58-0x0000000000330000-0x0000000000331000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2016-54-0x0000000000300000-0x0000000000312000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2016-55-0x0000000075AB1000-0x0000000075AB3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2016-56-0x0000000000760000-0x0000000000761000-memory.dmp

    Filesize

    4KB

    Download