Overview

overview

8

Static

static

HEUR-Troja...cf.exe

windows7-x64

8

HEUR-Troja...cf.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    67s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/09/2022, 18:04

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    HEUR-Trojan-Ransom.Win32.Generic-9350d71ae24d33f0ef91fc545c6b12d388aac883a55f064e8253bd61b3abcdcf.exe

  • Size

    1.1MB

  • MD5

    101812ae79631c81e0b2c00bd7229480

  • SHA1

    06dd694f424f209685f1c29ea614098ddd47f22a

  • SHA256

    9350d71ae24d33f0ef91fc545c6b12d388aac883a55f064e8253bd61b3abcdcf

  • SHA512

    608d034aa23a7cd9119f9c473f718e95f2d71b6259581abca2aeea6ddcb07e846132295785572eae81c54834de2ab1c49d8c391c95f6263b8aac624ece79b12f

  • SSDEEP

    24576:MZthrS3OsJJkv5RL7ydYLU9xcNIs4jYF7pafWwIWUTUhRDf:mhW3vnkv/y79xSIsp7M38T8Df

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\HEUR-Trojan-Ransom.Win32.Generic-9350d71ae24d33f0ef91fc545c6b12d388aac883a55f064e8253bd61b3abcdcf.exe
    "C:\Users\Admin\AppData\Local\Temp\HEUR-Trojan-Ransom.Win32.Generic-9350d71ae24d33f0ef91fc545c6b12d388aac883a55f064e8253bd61b3abcdcf.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: RenamesItself
    • Suspicious use of AdjustPrivilegeToken
    PID:2328

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2328-132-0x0000000000210000-0x0000000000334000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/2328-133-0x0000000005C30000-0x00000000061D4000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/2328-134-0x00000000053A0000-0x0000000005432000-memory.dmp

          Filesize

          584KB

          Download

        • memory/2328-135-0x0000000005110000-0x000000000511A000-memory.dmp

          Filesize

          40KB

          Download