Overview

overview

10

Static

static

見積の...JP.exe

windows7-x64

1

見積の...JP.exe

windows10-2004-x64

10

Resubmissions

09-08-2022 06:36

220809-hdbaragbd7 10

09-08-2022 02:29

220809-cymavsded4 10

Analysis

  • max time kernel
    151s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20220715-en
  • resource tags

    arch:x64arch:x86image:win7-20220715-enlocale:en-usos:windows7-x64system
  • submitted
    09-08-2022 02:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    見積のリクエスト:RFQ-2022080902401220JP.exe

  • Size

    11KB

  • MD5

    b904f6a4b02be56ab504a10cbf6a5af1

  • SHA1

    679163ec665252c72dd90b8c198cfad8c964cde2

  • SHA256

    b2cfbcebd445e279de69ffa4169f678dda459b3ef194070a7ea3fd1ecf82f40e

  • SHA512

    3ea3a4c17d048e55feeb9f14b6ea6557040e7e1acb08a8036f0c7b2dc06551e06a7e32d82457259da853bdcda26e30b2ba2dda53a056fdcfa4ac707aa5965d69

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\見積のリクエスト:RFQ-2022080902401220JP.exe
    "C:\Users\Admin\AppData\Local\Temp\見積のリクエスト:RFQ-2022080902401220JP.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1420

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1420-54-0x0000000000AF0000-0x0000000000AF8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/1420-55-0x0000000075481000-0x0000000075483000-memory.dmp
    Filesize

    8KB

    Download