Analysis
max time kernel: 151s
max time network: 123s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 20-05-2022 22:50
Static task
static1
Behavioral task
behavioral1
Sample
Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
Target: Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
Size: 335KB
MD5: 75250bd5c17ef8ef930881d75c5266cf
SHA1: acf4bc9e501bdb1fa3fef12e27dafb99606acda9
SHA256: 3432874fb720b1dfb4e8325021377473de3b5811882cb563d4381ca4682ccbbb
SHA512: 7efb35fe5772bf1ec8ea439ece77a7cfc013524c5101dc2a407191e1e754222735b34580ce60fc70fc40c9ada67336a512138c854dc166d64bdc59afc4fd33bc
Score: 1/10
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses 8 IoCs
Processes: Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
pid | process
4900 | Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
4900 | Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
4900 | Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
4900 | Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
4900 | Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
4900 | Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
4900 | Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
4900 | Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes: Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
description | pid | process
Token: SeDebugPrivilege | 4900 | Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
Processes
C:\Users\Admin\AppData\Local\Temp\Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe
"C:\Users\Admin\AppData\Local\Temp\Urgent Quotation Request RFQ20202205 Short Delivery Preference.exe"
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:4900
Network
MITRE ATT&CK Matrix
Downloads
memory/4900-130-0x0000000000440000-0x000000000049A000-memory.dmp | Filesize: 360KB
memory/4900-131-0x0000000005430000-0x00000000059D4000-memory.dmp | Filesize: 5.6MB
memory/4900-132-0x0000000004E80000-0x0000000004F12000-memory.dmp | Filesize: 584KB
memory/4900-133-0x0000000002A10000-0x0000000002A1A000-memory.dmp | Filesize: 40KB
memory/4900-134-0x00000000051C0000-0x000000000525C000-memory.dmp | Filesize: 624KB
memory/4900-135-0x0000000005360000-0x00000000053C6000-memory.dmp | Filesize: 408KB