Analysis
-
max time kernel
152s -
max time network
164s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
02-05-2022 11:00
Static task
static1
Behavioral task
behavioral1
Sample
Purchase Order.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
Purchase Order.exe
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
Purchase Order.exe
-
Size
43KB
-
MD5
d88a146f731e00b42947ec060f3d4f43
-
SHA1
46243e85f209fdb306affd5eefb9ffe5fa3d2614
-
SHA256
d08b7126b81c09be7e54774cc35399faceef0c2d4732cbbca5d46c48d89a2f51
-
SHA512
5dc37bd378418b0787ce6d8c4a8d5e945850b0ae22d27fb1a6739463e3f97c2f1e8a9209ea7a48313a3f677e0110e18926bcb055732ba02238e6984e16125df0
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
Purchase Order.exedescription pid process Token: SeDebugPrivilege 1928 Purchase Order.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1928-130-0x0000000000190000-0x00000000001A2000-memory.dmpFilesize
72KB
-
memory/1928-131-0x0000000005020000-0x00000000055C4000-memory.dmpFilesize
5.6MB
-
memory/1928-132-0x0000000004B50000-0x0000000004BE2000-memory.dmpFilesize
584KB
-
memory/1928-133-0x0000000004D00000-0x0000000004D0A000-memory.dmpFilesize
40KB