Overview

overview

1

Static

static

164864255d...81.exe

windows7_x64

1

164864255d...81.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    151s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    09-06-2022 00:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    164864255d356996cd8111dd74b5b2733fa578a60081a433eb6ff8ee70315281.exe

  • Size

    47KB

  • MD5

    362c6b97511c613742d31ef8274f27c3

  • SHA1

    4cd2e549e5c68052e0daa90093c3a032c82460bb

  • SHA256

    164864255d356996cd8111dd74b5b2733fa578a60081a433eb6ff8ee70315281

  • SHA512

    2c1765e903b44047eb9a5d85e198d1fca8a9675f3b3aa2c598b69ba6b88e461db9ab7674f6db970f0b60f15c83ce0f2d1dfcc8935481c082091912914c3fd1c7

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\164864255d356996cd8111dd74b5b2733fa578a60081a433eb6ff8ee70315281.exe
    "C:\Users\Admin\AppData\Local\Temp\164864255d356996cd8111dd74b5b2733fa578a60081a433eb6ff8ee70315281.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4156

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4156-130-0x0000000000420000-0x0000000000434000-memory.dmp

    Filesize

    80KB

    Download

  • memory/4156-131-0x0000000004DF0000-0x0000000004E8C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/4156-132-0x0000000005440000-0x00000000059E4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4156-133-0x0000000004E90000-0x0000000004F22000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4156-134-0x0000000004DD0000-0x0000000004DDA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4156-135-0x0000000005100000-0x0000000005156000-memory.dmp

    Filesize

    344KB

    Download