Overview

overview

10

Static

static

9b010a715d...45.exe

windows7_x64

10

9b010a715d...45.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    20-04-2022 02:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9b010a715df630f7ef61d944b3aef0c412f6f90604e61776b7403ec8ab9a8b45.exe

  • Size

    58KB

  • MD5

    64c8cebab58b85ad9a395b2e435c9f3f

  • SHA1

    f11370500d686cf69a34e2848428a8ec0f24d69d

  • SHA256

    9b010a715df630f7ef61d944b3aef0c412f6f90604e61776b7403ec8ab9a8b45

  • SHA512

    360d41015dce521705efb1514ae28e6402dda2b3ec1125942ce46bcc638304ced77a23c3ec8777bf84511d47c47c76a40d98a5cdda6525c872711b0f36fd59b3

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9b010a715df630f7ef61d944b3aef0c412f6f90604e61776b7403ec8ab9a8b45.exe
    "C:\Users\Admin\AppData\Local\Temp\9b010a715df630f7ef61d944b3aef0c412f6f90604e61776b7403ec8ab9a8b45.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:5084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5084-133-0x0000000000470000-0x0000000000484000-memory.dmp

    Filesize

    80KB

    Download

  • memory/5084-134-0x0000000004E70000-0x0000000004F0C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/5084-135-0x00000000054C0000-0x0000000005A64000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/5084-136-0x0000000004F10000-0x0000000004FA2000-memory.dmp

    Filesize

    584KB

    Download

  • memory/5084-137-0x0000000004E30000-0x0000000004E3A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/5084-138-0x0000000005130000-0x0000000005186000-memory.dmp

    Filesize

    344KB

    Download

  • memory/5084-139-0x0000000006FE0000-0x0000000007046000-memory.dmp

    Filesize

    408KB

    Download