Overview

overview

1

Static

static

Tax Invoic...56.exe

windows7-x64

1

Tax Invoic...56.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 15:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Tax Invoice IN67556.exe

  • Size

    7KB

  • MD5

    4cf810e991daa5f34fea55f77dc6ec8e

  • SHA1

    534a799c083a8e4cbddd91aaffc67c1b640832c7

  • SHA256

    4c9ff241698ba8436fccffffe86eee42a7c330d3bc378152592c13a1b41cb8a3

  • SHA512

    a9b62d109dd323f00d421703ecd08d9c80fd048968024297d1938a4e931513c99d1ce49d9f8c8f9433355ce17450f45627f6904ffe6231a939aa926f6286fd0f

  • SSDEEP

    96:XVtaIzpKwDOMlNgPRlIi5LwtTXTWBkYPeB4eOpDODknNoVupzNt:vawkayPRKgLKykY2/OpDOYNWuL

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Tax Invoice IN67556.exe
    "C:\Users\Admin\AppData\Local\Temp\Tax Invoice IN67556.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1028-132-0x0000000000FC0000-0x0000000000FC8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1028-133-0x0000000005F80000-0x0000000006524000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/1028-134-0x00000000059D0000-0x0000000005A62000-memory.dmp

    Filesize

    584KB

    Download

  • memory/1028-135-0x0000000005960000-0x000000000596A000-memory.dmp

    Filesize

    40KB

    Download