Overview

overview

10

Static

static

Purchase o...es.exe

windows7_x64

1

Purchase o...es.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    151s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    06-07-2022 04:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Purchase order PO 137691-Prices.exe

  • Size

    77KB

  • MD5

    cf6bd5ec5a6e342d178606342c4ed570

  • SHA1

    07d672b6844c6ae6e7a24d2f5b70303c584689de

  • SHA256

    3fbd622eb1a9ecc989c5938bc7d4368096a4be0035d727a636bfcf00c870b1fd

  • SHA512

    ec49e9a6f8af2eb87b80e86d584762a01b8762ba7c9e470a7151c31c3308002a939cbfdfb6adf93a44d83f39a68c2fe5792f2c7b44e9d10232ddb3cefcd3316b

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Purchase order PO 137691-Prices.exe
    "C:\Users\Admin\AppData\Local\Temp\Purchase order PO 137691-Prices.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1336

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1336-54-0x0000000000960000-0x0000000000978000-memory.dmp
    Filesize

    96KB

    Download
  • memory/1336-55-0x0000000074B51000-0x0000000074B53000-memory.dmp
    Filesize

    8KB

    Download