Overview

overview

10

Static

static

Order Conf...on.exe

windows7_x64

10

Order Conf...on.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    150s
  • max time network
    161s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    20-05-2022 23:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Order Confirmation.exe

  • Size

    622KB

  • MD5

    ce8490023b0936100bc99b1fc7d45f7b

  • SHA1

    528d5646d8533de89488789e8ebaae26d490d30d

  • SHA256

    4c9d00d13011ecb71ce646fd7c2189364859be2b3b069ce457d15eeb2656fcdb

  • SHA512

    fbe2eda37469a64536f77bf4998e2de6b1c76865a5fe72319058d076b334b925bc2a5bbe4582ad94918ff9c66210e308a938e7a3be5c612631df9cdf29e1430f

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Order Confirmation.exe
    "C:\Users\Admin\AppData\Local\Temp\Order Confirmation.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4032-130-0x00000000003E0000-0x0000000000482000-memory.dmp

    Filesize

    648KB

    Download

  • memory/4032-131-0x0000000004CD0000-0x0000000004D6C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/4032-132-0x0000000004E20000-0x0000000004EB2000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4032-133-0x000000000BAD0000-0x000000000C074000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4032-134-0x000000000B6D0000-0x000000000B736000-memory.dmp

    Filesize

    408KB

    Download