Overview

overview

7

Static

static

tmp.exe

windows7_x64

7

tmp.exe

windows10-2004_x64

7

Analysis

  • max time kernel
    40s
  • max time network
    43s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    21-05-2022 07:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp.exe

  • Size

    1.7MB

  • MD5

    46941fd0c90a281ad25d2d68737bcf8d

  • SHA1

    22bcb0ff4bd0229d0eef4d13c194b5ad0bbe0fd3

  • SHA256

    2c6e680456a5d80d6c230d34d82ba6a3ad5c9041bb75776e6385e0b182e3624a

  • SHA512

    5bbe0a8b1b21116754ce411bd12c62b0edf1cbaa92c70368f61632bbada33b2a2ba419c25253e3b25f9a0f0750fe07b9a86a26e44f0947d278e1f794629d42be

Score
7/10
discoveryspywarestealer

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\tmp.exe
    "C:\Users\Admin\AppData\Local\Temp\tmp.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1172

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1172-54-0x0000000076191000-0x0000000076193000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1172-55-0x0000000074D40000-0x0000000074D8A000-memory.dmp
    Filesize

    296KB

    Download
  • memory/1172-56-0x0000000000E80000-0x000000000101E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/1172-57-0x0000000000E80000-0x000000000101E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/1172-59-0x0000000075510000-0x00000000755BC000-memory.dmp
    Filesize

    688KB

    Download
  • memory/1172-60-0x00000000757C0000-0x0000000075807000-memory.dmp
    Filesize

    284KB

    Download
  • memory/1172-61-0x0000000075250000-0x00000000752A7000-memory.dmp
    Filesize

    348KB

    Download
  • memory/1172-62-0x0000000074D20000-0x0000000074D29000-memory.dmp
    Filesize

    36KB

    Download
  • memory/1172-64-0x0000000000E80000-0x000000000101E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/1172-63-0x00000000000F0000-0x0000000000131000-memory.dmp
    Filesize

    260KB

    Download
  • memory/1172-65-0x00000000757C0000-0x0000000075807000-memory.dmp
    Filesize

    284KB

    Download
  • memory/1172-67-0x0000000075310000-0x000000007546C000-memory.dmp
    Filesize

    1.4MB

    Download
  • memory/1172-68-0x0000000000E80000-0x000000000101E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/1172-69-0x0000000000E80000-0x000000000101E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/1172-70-0x00000000750E0000-0x000000007516F000-memory.dmp
    Filesize

    572KB

    Download
  • memory/1172-72-0x0000000076190000-0x0000000076DDA000-memory.dmp
    Filesize

    12.3MB

    Download
  • memory/1172-73-0x0000000073C40000-0x0000000073C57000-memory.dmp
    Filesize

    92KB

    Download
  • memory/1172-74-0x0000000075190000-0x00000000751C5000-memory.dmp
    Filesize

    212KB

    Download
  • memory/1172-75-0x000000006E460000-0x000000006E5F0000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/1172-76-0x000000006D100000-0x000000006D117000-memory.dmp
    Filesize

    92KB

    Download