Overview

overview

10

Static

static

PO10062020.exe

windows7_x64

10

PO10062020.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    150s
  • max time network
    136s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    21-05-2022 12:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PO10062020.exe

  • Size

    344KB

  • MD5

    02cf2e5ec0352d4e5ad016bf6a4c3ec1

  • SHA1

    8b45260c7d9df1a0a1240c82ec173d7d2fe39dc3

  • SHA256

    5ed8ce65c5a1e4b24a300d02167839e8f060bf38c7c407d4a7d2dc5e0d2c80b9

  • SHA512

    3bf2c80200b053529afda0064544056b43d5bae40b1370e78555820cf0b4fe3c8a7361fedeb56b4cca99ebe2aab1d15f063c0c0448784eeef44d918bafbf7fe7

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 15 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\PO10062020.exe
    "C:\Users\Admin\AppData\Local\Temp\PO10062020.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3836

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3836-130-0x0000000000190000-0x00000000001EC000-memory.dmp
    Filesize

    368KB

    Download
  • memory/3836-131-0x0000000005210000-0x00000000057B4000-memory.dmp
    Filesize

    5.6MB

    Download
  • memory/3836-132-0x0000000004B90000-0x0000000004C22000-memory.dmp
    Filesize

    584KB

    Download
  • memory/3836-133-0x0000000004C40000-0x0000000004C4A000-memory.dmp
    Filesize

    40KB

    Download
  • memory/3836-134-0x0000000004EF0000-0x0000000004F8C000-memory.dmp
    Filesize

    624KB

    Download
  • memory/3836-135-0x0000000005190000-0x00000000051F6000-memory.dmp
    Filesize

    408KB

    Download