Analysis

  • max time kernel
    151s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    21-05-2022 11:38

General

  • Target

    #Inv-037120.exe

  • Size

    403KB

  • MD5

    7299f2b3c1449cde81e84f16fe83d21a

  • SHA1

    30df30cc63deef9775a7b18763e4f30842b38b3c

  • SHA256

    7dc71a918e6d07b0aef89e3daa567b18b133b9822911d21c38a94bed790ee12a

  • SHA512

    4c8d7a00d4a0cb5a2894dc8db9a81e98faf85d8ae60e7fcda56e23b4683bd87e6fcdf332ce9341bbd55dd57a364b90de7d6e2b2dd5d6f0c6caaa1290a6553741

Score
7/10

Malware Config

Signatures

  • Drops startup file 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\#Inv-037120.exe
    "C:\Users\Admin\AppData\Local\Temp\#Inv-037120.exe"
    • Drops startup file
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2148

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2148-130-0x0000000000D80000-0x0000000000DEC000-memory.dmp
    Filesize

    432KB

  • memory/2148-131-0x00000000055F0000-0x0000000005682000-memory.dmp
    Filesize

    584KB

  • memory/2148-132-0x0000000005C50000-0x00000000061F4000-memory.dmp
    Filesize

    5.6MB

  • memory/2148-133-0x0000000005A10000-0x0000000005AAC000-memory.dmp
    Filesize

    624KB

  • memory/2148-134-0x0000000006200000-0x0000000006266000-memory.dmp
    Filesize

    408KB