Overview

overview

10

Static

static

Offscum.exe

windows7_x64

10

Offscum.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    156s
  • max time network
    162s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    16-05-2022 12:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Offscum.exe

  • Size

    400KB

  • MD5

    ad95c6a895478d0fa99462f69a710190

  • SHA1

    ac93857e5ed2ef6bccd3a9538359026806fcc593

  • SHA256

    8cf21b1b10b6793c5cf45d16bda93cd71e1171559068a156bbaa68d1204cb9f3

  • SHA512

    7d8b838d807e6ef3104bd9a995c0e609ed9718551d1a5463bc79dcf2b157819d43f48b196c73e3d48c38ecc5881628a981574f9dea2c399a0257698e78797030

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Offscum.exe
    "C:\Users\Admin\AppData\Local\Temp\Offscum.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2476

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2476-130-0x0000000002E5D000-0x0000000002E87000-memory.dmp
    Filesize

    168KB

    Download
  • memory/2476-131-0x00000000048E0000-0x0000000004917000-memory.dmp
    Filesize

    220KB

    Download
  • memory/2476-132-0x0000000000400000-0x0000000002B80000-memory.dmp
    Filesize

    39.5MB

    Download
  • memory/2476-133-0x0000000007440000-0x00000000079E4000-memory.dmp
    Filesize

    5.6MB

    Download
  • memory/2476-134-0x00000000079F0000-0x0000000008008000-memory.dmp
    Filesize

    6.1MB

    Download
  • memory/2476-135-0x0000000002D20000-0x0000000002D32000-memory.dmp
    Filesize

    72KB

    Download
  • memory/2476-136-0x0000000008010000-0x000000000811A000-memory.dmp
    Filesize

    1.0MB

    Download
  • memory/2476-137-0x0000000002D40000-0x0000000002D7C000-memory.dmp
    Filesize

    240KB

    Download