Analysis
-
max time kernel
143s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20230703-en -
resource tags
-
submitted
01-08-2023 19:38
General
-
Target
vctool140.dll
-
Size
106KB
-
MD5
b3b95c31fd3239a8b544ac7928e90895
-
SHA1
b7bff7464c18db412de1366805475dad7d9823c8
-
SHA256
9230457e7b1ab614f0306e4aaaf08f1f79c11f897f635230aa4149ccfd090a3d
-
SHA512
7fcbc91f488448f5581c666adbc7b469182c3f0d00cd7fa451fedf02c7440be3d94daf8164cc9c2d86a174b15ee8e7acdda6c6e1302daae47be61ef1d10b48c4
-
SSDEEP
3072:Nkg2jVkFchebV/mkzOx+sRQMLnRxbhtnaz:z2jaiebV/mkmBbltnaz
Score
8/10
Malware Config
Signatures
-
Blocklisted process makes network request 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\vctool140.dll,#11⤵
- Blocklisted process makes network request
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.0MB
-
Filesize
4.8MB
-
Filesize
10.8MB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
136KB
-
Filesize
64KB
-
Filesize
10.8MB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB