Analysis
-
max time kernel
150s
-
max time network
136s
-
platform
windows10-2004_x64
-
resource
win10v2004-20220414-en
-
submitted
21-05-2022 12:43
Static task
static1
Behavioral task
behavioral1
Sample
PO10062020.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
PO10062020.exe
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
PO10062020.exe
-
Size
344KB
-
MD5
02cf2e5ec0352d4e5ad016bf6a4c3ec1
-
SHA1
8b45260c7d9df1a0a1240c82ec173d7d2fe39dc3
-
SHA256
5ed8ce65c5a1e4b24a300d02167839e8f060bf38c7c407d4a7d2dc5e0d2c80b9
-
SHA512
3bf2c80200b053529afda0064544056b43d5bae40b1370e78555820cf0b4fe3c8a7361fedeb56b4cca99ebe2aab1d15f063c0c0448784eeef44d918bafbf7fe7
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 15 IoCs
Processes:
PO10062020.exe
pid process
3836 PO10062020.exe
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
PO10062020.exe
description pid process
Token: SeDebugPrivilege 3836 PO10062020.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/3836-130-0x0000000000190000-0x00000000001EC000-memory.dmp
Filesize
368KB
-
memory/3836-131-0x0000000005210000-0x00000000057B4000-memory.dmp
Filesize
5.6MB
-
memory/3836-132-0x0000000004B90000-0x0000000004C22000-memory.dmp
Filesize
584KB
-
memory/3836-133-0x0000000004C40000-0x0000000004C4A000-memory.dmp
Filesize
40KB
-
memory/3836-134-0x0000000004EF0000-0x0000000004F8C000-memory.dmp
Filesize
624KB
-
memory/3836-135-0x0000000005190000-0x00000000051F6000-memory.dmp
Filesize
408KB