Resubmissions
12-01-2023 10:23
230112-mes96sbe4t 10Analysis
-
max time kernel
43s -
max time network
30s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
12-01-2023 10:23
General
-
Target
019085a76ba7126fff22770d71bd901c325fc68ac55aa743327984e89f4b0134.dll
-
Size
1003KB
-
MD5
2c4a910a1299cdae2a4e55988a2f102e
-
SHA1
2f1a5a7411d015d01aaee4535835400191645023
-
SHA256
019085a76ba7126fff22770d71bd901c325fc68ac55aa743327984e89f4b0134
-
SHA512
5cbfefe612a40c8872a0faf3db8d3835dc514fb3df159610095b47c595c6caa1ada79cce2b10fb99e648990c3f54f63344d1fa7025090bfcd4e2c55d7210a28d
-
SSDEEP
12288:dJKoHwfn/jz3bbO4Qag2I97PMieSLezPKT+cYvjenWHuhh9c0g8vkzE19Wv:rEfDbO97P8TrKhYbenWH4c0g8vkzE19e
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 8 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of FindShellTrayWindow 20 IoCs
-
Suspicious use of SendNotifyMessage 20 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\019085a76ba7126fff22770d71bd901c325fc68ac55aa743327984e89f4b0134.dll,#11⤵
-
C:\Windows\system32\taskmgr.exe"C:\Windows\system32\taskmgr.exe" /41⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
5.9MB