Analysis

  • max time kernel
    84s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    30/09/2022, 00:08

General

  • Target

    bF16.exe

  • Size

    32KB

  • MD5

    2043cff7ffe0498f9718b6925d9cefff

  • SHA1

    9a13a021f69ac623e995bb6bb5940506e23422f5

  • SHA256

    459339ad24f46b7d4d28e0badbc1eac08f16af67c88ccde5cbd9b4fd99ee46ab

  • SHA512

    ca7cd9dcf617a0c75890b7f0f5fbba7901fa32b6fb367f9768397473a3e2bd23fbc3606e84ae146c8bbba437515cc182b3c673ca4a8b16582e1ea676a873d85a

  • SSDEEP

    384:Z0bUe5XB4e0XvObaSjgkM8WTCtTUFQqz9A1ObbS:iT9Bum+SjeSHqbS

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 21 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bF16.exe
    "C:\Users\Admin\AppData\Local\Temp\bF16.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:4656

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/4656-132-0x0000000075580000-0x0000000075B31000-memory.dmp

          Filesize

          5.7MB

        • memory/4656-133-0x0000000075580000-0x0000000075B31000-memory.dmp

          Filesize

          5.7MB