Overview

overview

10

Static

static

Electronic...DF.exe

windows7_x64

10

Electronic...DF.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    151s
  • max time network
    170s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    21-05-2022 01:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Electronic TT Swift Maksajuma dokuments ar atru apstiprinajumu 9029938829 doc PDF.exe

  • Size

    403KB

  • MD5

    d29da00b52dbed49aa1c3048be013aa8

  • SHA1

    ea80dc07e833f7952d47705d239c99781ab7f0c3

  • SHA256

    ff2c551213e1242069528d7ba1e6da50a36ab0f1c0ef0d972d341e08a736d8e4

  • SHA512

    d1a621da52fa59b174606fa66ae5385b4c553e6610a134284c7f3fc48b890f9cb1e2f5d5c3ce3db55d2b2a2f42ffe2244a57535b6b08f9903797b316d0969433

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Electronic TT Swift Maksajuma dokuments ar atru apstiprinajumu 9029938829 doc PDF.exe
    "C:\Users\Admin\AppData\Local\Temp\Electronic TT Swift Maksajuma dokuments ar atru apstiprinajumu 9029938829 doc PDF.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/932-130-0x00000000004E0000-0x000000000054C000-memory.dmp
    Filesize

    432KB

    Download
  • memory/932-131-0x0000000004EA0000-0x0000000004F32000-memory.dmp
    Filesize

    584KB

    Download
  • memory/932-132-0x0000000005580000-0x0000000005B24000-memory.dmp
    Filesize

    5.6MB

    Download
  • memory/932-133-0x00000000052C0000-0x000000000535C000-memory.dmp
    Filesize

    624KB

    Download
  • memory/932-134-0x00000000054D0000-0x0000000005536000-memory.dmp
    Filesize

    408KB

    Download