Analysis
-
max time kernel
188s -
max time network
194s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
23-11-2022 14:38
General
-
Target
32faa6dd8ce43d80a00e420b083f1084d705fbc022ae87979c5ad73949df4b79.exe
-
Size
224KB
-
MD5
f8618ef11432e37cc9954515a98b40c7
-
SHA1
713d6f84ddaa638bb72b844bd375205e75ffe436
-
SHA256
32faa6dd8ce43d80a00e420b083f1084d705fbc022ae87979c5ad73949df4b79
-
SHA512
3b63bdf903eac5b4e3d6610c978c9201198e33f5e7d7141ac1c657ab4d60a304461ffb0a75d8a147e3dc779d696d8807aa5acd792d8446b869c174fb6a3c5c69
-
SSDEEP
6144:yNBl76cpETWpZxcsvaSzjsQLSp0Dk7QHmvgKQ:6l76cMKYsvaS4R7xVQ
Score
7/10
Malware Config
Signatures
-
Unexpected DNS network traffic destination 1 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\32faa6dd8ce43d80a00e420b083f1084d705fbc022ae87979c5ad73949df4b79.exe"C:\Users\Admin\AppData\Local\Temp\32faa6dd8ce43d80a00e420b083f1084d705fbc022ae87979c5ad73949df4b79.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
232KB
-
Filesize
232KB
-
Filesize
232KB
-
Filesize
232KB
-
Filesize
232KB