Overview

overview

10

Static

static

INV_2020.exe

windows7_x64

10

INV_2020.exe

windows10-2004_x64

6

Analysis

  • max time kernel
    189s
  • max time network
    223s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    21-05-2022 01:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    INV_2020.exe

  • Size

    311KB

  • MD5

    032e8660388186848cda8c3955f53202

  • SHA1

    356a668840a4dc5fc9a209189ffed7a462c8633a

  • SHA256

    24b2017e1fe4fa3f2616c1465cdb707abf300800da51ca3158580be6207876d8

  • SHA512

    042ebc16e9f0c1b3ad55278b9a5f095415aef6266d3a6ce7047450fb2e3479294435ec544b7eee542427feb160cc1700c6a62babd9664fb14aa546146f4d9e30

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious behavior: EnumeratesProcesses 13 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\INV_2020.exe
    "C:\Users\Admin\AppData\Local\Temp\INV_2020.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2216

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2216-130-0x0000000000C40000-0x0000000000C94000-memory.dmp
    Filesize

    336KB

    Download
  • memory/2216-131-0x0000000005B90000-0x0000000006134000-memory.dmp
    Filesize

    5.6MB

    Download
  • memory/2216-132-0x0000000005680000-0x0000000005712000-memory.dmp
    Filesize

    584KB

    Download
  • memory/2216-133-0x0000000005650000-0x000000000565A000-memory.dmp
    Filesize

    40KB

    Download
  • memory/2216-134-0x00000000059B0000-0x0000000005A4C000-memory.dmp
    Filesize

    624KB

    Download
  • memory/2216-135-0x00000000063B0000-0x0000000006416000-memory.dmp
    Filesize

    408KB

    Download