Overview

overview

10

Static

static

430917.exe

windows7_x64

10

430917.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    151s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    21-05-2022 12:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    430917.exe

  • Size

    330KB

  • MD5

    e194989989a1a67a7734611823a1524f

  • SHA1

    bcffc771e7e2f343a007e9a60da71a1e342d691e

  • SHA256

    06ae29042dd19e5cc3e287eafcb47a934aba12b9c3d4224d31f64a700b1b77ca

  • SHA512

    76641f8ed4a09ee40f233f8ba537a8841e6b8cd5f0d7b16a8efcc9154dcc868a05fe72a4f219c948f70fc153ead56da52fb13492c5cad1cba59798171a5637d8

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\430917.exe
    "C:\Users\Admin\AppData\Local\Temp\430917.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4828

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4828-130-0x0000000000710000-0x0000000000768000-memory.dmp
    Filesize

    352KB

    Download
  • memory/4828-131-0x00000000055F0000-0x0000000005B94000-memory.dmp
    Filesize

    5.6MB

    Download
  • memory/4828-132-0x0000000005120000-0x00000000051B2000-memory.dmp
    Filesize

    584KB

    Download
  • memory/4828-133-0x00000000052D0000-0x00000000052DA000-memory.dmp
    Filesize

    40KB

    Download
  • memory/4828-134-0x0000000005450000-0x00000000054EC000-memory.dmp
    Filesize

    624KB

    Download
  • memory/4828-135-0x0000000005D10000-0x0000000005D76000-memory.dmp
    Filesize

    408KB

    Download