Analysis

  • max time kernel
    181s
  • max time network
    190s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    21-05-2022 12:44

General

  • Target

    SwiftLCCM.scan.pdf..exe

  • Size

    378KB

  • MD5

    a3eec98af0fabb24461e543dc05e4ac9

  • SHA1

    ada78ad3c6dfc5ee6490c615094283f7ed4811f6

  • SHA256

    56b7da0dee74f57d90b0f1f5e1871c153d399521f9361a96dc3d298ae9f0d462

  • SHA512

    96cf4d0e789dce546a24081413a198c1ba51a753ce6b9ca85d1f8455b6112da2c1d5f96c47c8a2d14571ab96150375e277a7c32cedff99205dd35e8187856fd2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SwiftLCCM.scan.pdf..exe
    "C:\Users\Admin\AppData\Local\Temp\SwiftLCCM.scan.pdf..exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4656

Network

MITRE ATT&CK Matrix

Downloads

  • memory/4656-130-0x0000000000CA0000-0x0000000000D04000-memory.dmp
    Filesize

    400KB

  • memory/4656-131-0x0000000005C90000-0x0000000006234000-memory.dmp
    Filesize

    5.6MB

  • memory/4656-132-0x00000000056E0000-0x0000000005772000-memory.dmp
    Filesize

    584KB

  • memory/4656-133-0x00000000056B0000-0x00000000056BA000-memory.dmp
    Filesize

    40KB

  • memory/4656-134-0x00000000059E0000-0x0000000005A7C000-memory.dmp
    Filesize

    624KB

  • memory/4656-135-0x0000000006540000-0x00000000065A6000-memory.dmp
    Filesize

    408KB