Overview

overview

10

Static

static

TNT Shippi...DF.exe

windows7_x64

3

TNT Shippi...DF.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    134s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    07-02-2022 08:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TNT Shipping Documents PDF.exe

  • Size

    47KB

  • MD5

    7d50ca70bff094575182ed4a262bdfe0

  • SHA1

    3be7106531cc7a8685b09abe19420991b20f2095

  • SHA256

    a59584b56e441105efa83722c78737df246a0ed1e76d2b1c3c20e7c1581d9cae

  • SHA512

    014c99b4918c99677780205ce78f538ca2a671b1e0ba7b6245c2a974e459c9ee127893cfaaaefcf442fc04e69e50ace4e03ce164c7eadf45f61cd3bbef865b8f

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 5 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TNT Shipping Documents PDF.exe
    "C:\Users\Admin\AppData\Local\Temp\TNT Shipping Documents PDF.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1160
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1160 -s 1116
      2⤵
      • Program crash
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of AdjustPrivilegeToken
      PID:836

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/836-56-0x000007FEFC321000-0x000007FEFC323000-memory.dmp
    Filesize

    8KB

    Download
  • memory/836-59-0x0000000001C60000-0x0000000001C61000-memory.dmp
    Filesize

    4KB

    Download
  • memory/1160-54-0x0000000000D60000-0x0000000000D72000-memory.dmp
    Filesize

    72KB

    Download
  • memory/1160-55-0x000000001B3F0000-0x000000001B3F2000-memory.dmp
    Filesize

    8KB

    Download