Overview

overview

10

Static

static

Payment Advice.exe

windows7-x64

10

Payment Advice.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    13s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-10-2022 02:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payment Advice.exe

  • Size

    1.0MB

  • MD5

    232a09bfbb394ed852834398426a7802

  • SHA1

    800229b32cd515d318fe79a3839783b1339064c1

  • SHA256

    f01dd589bf6eee71da5d8f1dd99471c0ff2b2e4071147bfcad07d75727258425

  • SHA512

    fd6e1f23769d9712d02bb4ff56bb374f22a8c048c0410af1ad5e8cbc1f823007630257d2304b6ed26cd6331deae43899728a610551e5149da41f675dced00acc

  • SSDEEP

    12288:b8mAF94vNMpuKh1O8qrAot6ZMP5CxFBXpAFyDGNOSH+JoDNyADqjJ5nXOc1uqBnt:bWFCvOON6MxgNAsGNOSeWBUjrXOc

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Payment Advice.exe
    "C:\Users\Admin\AppData\Local\Temp\Payment Advice.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4924-132-0x00000000009D0000-0x0000000000ADA000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/4924-133-0x0000000005CA0000-0x0000000006244000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4924-134-0x0000000005890000-0x0000000005922000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4924-135-0x0000000005930000-0x00000000059CC000-memory.dmp

    Filesize

    624KB

    Download

  • memory/4924-136-0x0000000005830000-0x000000000583A000-memory.dmp

    Filesize

    40KB

    Download