Analysis

  • max time kernel
    37s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    04/10/2022, 02:09

General

  • Target

    49931cb80a13c0a8cb98311ee903dbd3180bc91d0bc955a56a1730e348230081.exe

  • Size

    116KB

  • MD5

    04530c914e393fa3680ba56627dc6e00

  • SHA1

    7f2c1f820571aa17e4bd2eef1dc05c46e0d2200d

  • SHA256

    49931cb80a13c0a8cb98311ee903dbd3180bc91d0bc955a56a1730e348230081

  • SHA512

    16427ccc71b6cd11b3e3f78fbf1e5e6e561f95c5c83614411208b4d4839e4de4361b76fb254bc8653663b765f6212fc7b4e2288f9225bcf755a83bc7b7234f85

  • SSDEEP

    1536:eXQSIJo81v2D7mHjnArZYBLiW3Q4OWXCJQRAqWp8ifcUaiW5iFoGP0q:kd8Z2D7mHrArZYoWMPJMAvpfcT8m2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\49931cb80a13c0a8cb98311ee903dbd3180bc91d0bc955a56a1730e348230081.exe
    "C:\Users\Admin\AppData\Local\Temp\49931cb80a13c0a8cb98311ee903dbd3180bc91d0bc955a56a1730e348230081.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2036

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2036-54-0x00000000762D1000-0x00000000762D3000-memory.dmp

    Filesize

    8KB

  • memory/2036-55-0x0000000074460000-0x0000000074A0B000-memory.dmp

    Filesize

    5.7MB