Analysis
-
max time kernel
150s -
max time network
137s -
platform
windows10-2004_x64 -
resource
win10v2004-en-20220113 -
submitted
26-02-2022 06:39
General
-
Target
c50b0ff9f14df91b2d6a6f0f0a807d5f331a926b5f350ebec89814caf10efbc2.exe
-
Size
481KB
-
MD5
3f1995ce0816d156a2c4d6ae7bc81c5c
-
SHA1
0cded80956ed98fff2487cad4d36a24e2f45b41e
-
SHA256
c50b0ff9f14df91b2d6a6f0f0a807d5f331a926b5f350ebec89814caf10efbc2
-
SHA512
5a39c6d5298577e71c840ca4fc7b32f0dbe145d9b7023fbe8009006f0b5323c2da2ed9d45e1e3a1108b0a13cc1929ed7b0b91ce2403ac9dadd9297cafd0124b4
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 8 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c50b0ff9f14df91b2d6a6f0f0a807d5f331a926b5f350ebec89814caf10efbc2.exe"C:\Users\Admin\AppData\Local\Temp\c50b0ff9f14df91b2d6a6f0f0a807d5f331a926b5f350ebec89814caf10efbc2.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2112-130-0x0000000000E70000-0x0000000000EEE000-memory.dmpFilesize
504KB
-
memory/2112-131-0x000000007476E000-0x000000007476F000-memory.dmpFilesize
4KB
-
memory/2112-132-0x0000000005E10000-0x00000000063B4000-memory.dmpFilesize
5.6MB
-
memory/2112-133-0x00000000057D0000-0x00000000057D1000-memory.dmpFilesize
4KB
-
memory/2112-134-0x0000000005970000-0x0000000005A02000-memory.dmpFilesize
584KB
-
memory/2112-135-0x0000000005AB0000-0x0000000005B4C000-memory.dmpFilesize
624KB
-
memory/2112-136-0x0000000005C50000-0x0000000005CB6000-memory.dmpFilesize
408KB