Analysis
-
max time kernel
141s -
max time network
161s -
platform
windows10-2004_x64 -
resource
win10v2004-20220331-en -
submitted
30-03-2022 09:35
General
-
Target
980e9b1b9c2fd867deb0255a56d8111cba4e4eef61a08dae39f95f5b45016cff.exe
-
Size
407KB
-
MD5
2e0eb4b37ce7082fedef3637e225f1e0
-
SHA1
f0d9159e7b6f188ca337732ce7ec07ff4f39d00e
-
SHA256
980e9b1b9c2fd867deb0255a56d8111cba4e4eef61a08dae39f95f5b45016cff
-
SHA512
89ce3a668e1fa878d8f60eaf1e49fbe134d13bd4c4d84a4aef1e9f35ae4c604f01d7526eca566956b68b77a86fdb247b50fc9c51ce273082d942f36601fcc0f5
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\980e9b1b9c2fd867deb0255a56d8111cba4e4eef61a08dae39f95f5b45016cff.exe"C:\Users\Admin\AppData\Local\Temp\980e9b1b9c2fd867deb0255a56d8111cba4e4eef61a08dae39f95f5b45016cff.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1700-124-0x0000000006450000-0x0000000006474000-memory.dmpFilesize
144KB
-
memory/1700-125-0x0000000006480000-0x00000000064B2000-memory.dmpFilesize
200KB
-
memory/1700-126-0x0000000000400000-0x00000000046E6000-memory.dmpFilesize
66.9MB
-
memory/1700-127-0x0000000009090000-0x0000000009634000-memory.dmpFilesize
5.6MB
-
memory/1700-128-0x0000000009640000-0x0000000009C58000-memory.dmpFilesize
6.1MB
-
memory/1700-129-0x0000000006A80000-0x0000000006ABC000-memory.dmpFilesize
240KB
-
memory/1700-130-0x0000000006950000-0x0000000006962000-memory.dmpFilesize
72KB
-
memory/1700-131-0x0000000009084000-0x0000000009086000-memory.dmpFilesize
8KB
-
memory/1700-132-0x0000000009CA0000-0x0000000009DAA000-memory.dmpFilesize
1.0MB