Overview

overview

10

Static

static

doc094.exe

windows7_x64

10

doc094.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    151s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    21-05-2022 12:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    doc094.exe

  • Size

    345KB

  • MD5

    aa4728fc8d920e596570904225ffaeca

  • SHA1

    242c0f565ef343f4390b3090fcd1480ae07d50c1

  • SHA256

    aa3a6c0efb81498bfda5ebc1319154af99114b3184a9dffd5924e778b25b1ab9

  • SHA512

    b145c454ab49f26194ec3d4a6ab0cb4ec4208aee1ea624d5d48473d858e41a008c2cfd0778e9aaac79f83d4ec9c62d5e0a10c7c8b879a126237c041d2d47ef41

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\doc094.exe
    "C:\Users\Admin\AppData\Local\Temp\doc094.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3288

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3288-130-0x0000000000820000-0x000000000087C000-memory.dmp
    Filesize

    368KB

    Download
  • memory/3288-131-0x0000000005890000-0x0000000005E34000-memory.dmp
    Filesize

    5.6MB

    Download
  • memory/3288-132-0x0000000005230000-0x00000000052C2000-memory.dmp
    Filesize

    584KB

    Download
  • memory/3288-133-0x00000000053E0000-0x00000000053EA000-memory.dmp
    Filesize

    40KB

    Download
  • memory/3288-134-0x0000000005610000-0x00000000057B6000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/3288-135-0x0000000007B50000-0x0000000007BEC000-memory.dmp
    Filesize

    624KB

    Download
  • memory/3288-136-0x0000000007FD0000-0x0000000008036000-memory.dmp
    Filesize

    408KB

    Download