Analysis

  • max time kernel
    152s
  • max time network
    164s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    02-05-2022 11:00

General

  • Target

    Purchase Order.exe

  • Size

    43KB

  • MD5

    d88a146f731e00b42947ec060f3d4f43

  • SHA1

    46243e85f209fdb306affd5eefb9ffe5fa3d2614

  • SHA256

    d08b7126b81c09be7e54774cc35399faceef0c2d4732cbbca5d46c48d89a2f51

  • SHA512

    5dc37bd378418b0787ce6d8c4a8d5e945850b0ae22d27fb1a6739463e3f97c2f1e8a9209ea7a48313a3f677e0110e18926bcb055732ba02238e6984e16125df0

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Purchase Order.exe
    "C:\Users\Admin\AppData\Local\Temp\Purchase Order.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:1928

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1928-130-0x0000000000190000-0x00000000001A2000-memory.dmp
    Filesize

    72KB

  • memory/1928-131-0x0000000005020000-0x00000000055C4000-memory.dmp
    Filesize

    5.6MB

  • memory/1928-132-0x0000000004B50000-0x0000000004BE2000-memory.dmp
    Filesize

    584KB

  • memory/1928-133-0x0000000004D00000-0x0000000004D0A000-memory.dmp
    Filesize

    40KB