Analysis
-
max time kernel
43s -
max time network
51s -
platform
windows7_x64 -
resource
win7-20220901-en -
resource tags
-
submitted
24-09-2022 23:42
General
-
Target
RAVAntivirus/rsRemediation.exe
-
Size
133KB
-
MD5
5759522b3a69cc0afe2ee52d2db81489
-
SHA1
eeecf8df6398015dc5ddd9b072e8798fe82f6faa
-
SHA256
b5777f61243958fe29e760089b213e1b691afd5c84296f1d3245cd40921f9b56
-
SHA512
ffdc0fdf6d42c98f7cb40263d50eae4fe5e7e1e5feed11b8842b72e2c708e0b04451eed7163f2ece9a781a170f112e4efec93c17dbe3460244937433febf5234
-
SSDEEP
1536:NjIJ/E19eM8p+H8GaAtxRuDTlrcLdrk3AgnMYln7HJTaRUL2MN1pfR87aY+Yzyy4:CJ/E1ay8GtcDqLdQ3l9lnNT526peA1Zz
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\RAVAntivirus\rsRemediation.exe"C:\Users\Admin\AppData\Local\Temp\RAVAntivirus\rsRemediation.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1500-54-0x0000000000320000-0x0000000000344000-memory.dmpFilesize
144KB
-
memory/1500-55-0x0000000000450000-0x0000000000488000-memory.dmpFilesize
224KB