Overview

overview

10

Static

static

PRQ 010474.exe

windows7_x64

10

PRQ 010474.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    160s
  • max time network
    172s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    21-05-2022 00:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PRQ 010474.exe

  • Size

    707KB

  • MD5

    f7f798cefa93fa8f30af242b477b492d

  • SHA1

    51255ed37b1c283d5680e2b2eedd8a6faee4a42e

  • SHA256

    0ed172bf03053550d13affba533548544e35af09e7e01abd548648adf427e5c3

  • SHA512

    9deaebc9c08f6855c5b3d878d27f0f79401af97ef15fcb1d4d6e4edcf20c51ba67c778463363b0fdeb9eec0aacdf257f8b4c17da9e8b7a12e9bea07d56be22b3

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\PRQ 010474.exe
    "C:\Users\Admin\AppData\Local\Temp\PRQ 010474.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1848-130-0x0000000000FE0000-0x0000000001098000-memory.dmp

    Filesize

    736KB

    Download

  • memory/1848-131-0x0000000006030000-0x00000000065D4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/1848-132-0x0000000005A80000-0x0000000005B12000-memory.dmp

    Filesize

    584KB

    Download

  • memory/1848-133-0x0000000005A60000-0x0000000005A6A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1848-134-0x0000000008030000-0x00000000080CC000-memory.dmp

    Filesize

    624KB

    Download

  • memory/1848-135-0x0000000008350000-0x00000000083B6000-memory.dmp

    Filesize

    408KB

    Download