Overview

overview

10

Static

static

UIF Covid-19.exe

windows7_x64

10

UIF Covid-19.exe

windows10-2004_x64

4

Analysis

  • max time kernel
    13s
  • max time network
    17s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220113
  • submitted
    05-02-2022 09:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UIF Covid-19.exe

  • Size

    358KB

  • MD5

    3601ca92dbd87d046273d2c6aca6e7a6

  • SHA1

    a37cf982bf9d242601124346d17eafea404d6b07

  • SHA256

    7c66bdf5e60c828d8033218f9807b954e26046817acda2a8235a5b3bc68c5277

  • SHA512

    9a0e39178a2c248a9470d6899e9fe9528531423d479d6571dd8380d1ed3f04aac596436bdcec23aa686bafba54459c889ffcc6af08d366a9d8adf442f040ba1f

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 5 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\UIF Covid-19.exe
    "C:\Users\Admin\AppData\Local\Temp\UIF Covid-19.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1932
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv
    1⤵
    • Drops file in Windows directory
    • Suspicious use of AdjustPrivilegeToken
    PID:4728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1932-130-0x0000000000C80000-0x0000000000CE0000-memory.dmp

    Filesize

    384KB

    Download

  • memory/1932-131-0x0000000005C80000-0x0000000006224000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/1932-132-0x00000000056D0000-0x0000000005762000-memory.dmp

    Filesize

    584KB

    Download

  • memory/1932-133-0x0000000005620000-0x0000000005642000-memory.dmp

    Filesize

    136KB

    Download

  • memory/4728-134-0x000002B1C3160000-0x000002B1C3170000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4728-141-0x000002B1C5EE0000-0x000002B1C5EE4000-memory.dmp

    Filesize

    16KB

    Download